General
Target: N.zip
Size: 322KB
Sample: 250108-p6qdpszrcw
MD5: 15ef047e098c0585de5b25ea0a591e99
SHA1: c0e48c6ca98dce40765c7bc471449469270af635
SHA256: c157b70fea38a5754dc2496e8a5d9dbbab27c222887e8671a7156e8502abba66
SHA512: 9d289473079bf684adf64d9d67406e30127beff4ac06ba6dd53f98c255a0cae8a8b70716b776e4b17d0286675f1fabb70bea01c56d06d07892204a28878b3d1e
SSDEEP: 6144:O8A2i+rkamz5p6545FjFizP91hqtPYEy+vWLPmIUpibTMnVw7wCWlmbMqw1/mn2a:3A2prktO5Fp2twE7wP/UsTGwnfbnw1ej
Static task: static1
Behavioral task: behavioral1
Sample: Nexol.exe
Resource: win10ltsc2021-20241023-en
Malware Config
Extracted
lumma
Targets
Target: Nexol.exe
Size: 332KB
MD5: bc334056c86dd959ea3669c4c6f3701e
SHA1: 02babf7c36e62232403dcf76d035a96245b6526e
SHA256: 3efec1c708fdf1aeeb13308835684945746b79eb7012c5770b7f2c12d00a5bea
SHA512: c342bbdcc02e14c115388956e3897a0de13099782501ade55862a18f772e8c04e36aa8ef2c2d63c67746a8a9d75c0f36bbbb2dd749d5c278699e41f0c40d6823
SSDEEP: 6144:thrnw2U+rkamz3p6945FjFizZ91hqtPYEy+vWLPMIUpibTMnfw7wCWlmbMNw1/m1:tJnw2Prkto9Fz2twE7wPxUsTKwnfbCwm
Lumma family
Suspicious use of SetThreadContext