Overview

overview

10

Static

static

3

2025-01-09...ch.exe

windows7-x64

10

2025-01-09...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-09_f253a9730641e0ef6017994c8a687ac1_frostygoop_poet-rat_snatch

  • Size

    8.4MB

  • Sample

    250109-1cvxwa1rax

  • MD5

    f253a9730641e0ef6017994c8a687ac1

  • SHA1

    9c97861a944f3304d28d088bd9a9a7a9ac204997

  • SHA256

    af40c22fdb4001f16ad132d2603faf7790cd40955deb1f3746b10e3fb958cea8

  • SHA512

    8d20c0e46f98bffd48d11f8785e05415316a9ebe058e3790c5232baa1bb5641bd114194eae6c0adf868777f38773cedf9a52cf65c1a64555785811e92bed8025

  • SSDEEP

    98304:FO24CoD1+0gCkdnzotFNjL5W99zXadqTLy+6p8AU0cnavTb:42kp+K5WYYDAncq

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

    • Target

      2025-01-09_f253a9730641e0ef6017994c8a687ac1_frostygoop_poet-rat_snatch

    • Size

      8.4MB

    • MD5

      f253a9730641e0ef6017994c8a687ac1

    • SHA1

      9c97861a944f3304d28d088bd9a9a7a9ac204997

    • SHA256

      af40c22fdb4001f16ad132d2603faf7790cd40955deb1f3746b10e3fb958cea8

    • SHA512

      8d20c0e46f98bffd48d11f8785e05415316a9ebe058e3790c5232baa1bb5641bd114194eae6c0adf868777f38773cedf9a52cf65c1a64555785811e92bed8025

    • SSDEEP

      98304:FO24CoD1+0gCkdnzotFNjL5W99zXadqTLy+6p8AU0cnavTb:42kp+K5WYYDAncq

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks