Overview

overview

10

Static

static

3

SoftWare_(...2).zip

windows7-x64

10

SoftWare_(...2).zip

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SoftWare_(p@ssw0rd_1212).zip

  • Size

    214.3MB

  • Sample

    250109-s1pf1atkcs

  • MD5

    c88befa6a84dec14337b743a02fb42c9

  • SHA1

    885cfeb56c18a8711054be595f7ed2f1ae419652

  • SHA256

    448de767f56dafa0d9db0e90b7f5d1eed24b0baf23cbad4dedea013451be3de0

  • SHA512

    f301c52ac20c0bcd093a14ebb4dcc07086bd2865fdc441f26e163259cc67c0ed9a2f1faf937d028610403d316ae371b812beb5dd0957449851582484b00f5319

  • SSDEEP

    6291456:zC07nKVvdGJfEnYVyEHA0d+QUt9OOKVfHB:zCKKBdAaG0QUt9OP5HB

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://remakeveile.sbs/api

Targets

    • Target

      SoftWare_(p@ssw0rd_1212).zip

    • Size

      214.3MB

    • MD5

      c88befa6a84dec14337b743a02fb42c9

    • SHA1

      885cfeb56c18a8711054be595f7ed2f1ae419652

    • SHA256

      448de767f56dafa0d9db0e90b7f5d1eed24b0baf23cbad4dedea013451be3de0

    • SHA512

      f301c52ac20c0bcd093a14ebb4dcc07086bd2865fdc441f26e163259cc67c0ed9a2f1faf937d028610403d316ae371b812beb5dd0957449851582484b00f5319

    • SSDEEP

      6291456:zC07nKVvdGJfEnYVyEHA0d+QUt9OOKVfHB:zCKKBdAaG0QUt9OP5HB

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks