General
Target: MultiHack v1.8.zip
Size: 3.7MB
Sample: 250110-29g8qasmc1
MD5: 21999c283e40354f9afa5b9648b77fc2
SHA1: 4bc28b361ef2045e979ad1e4db462898e8a03dd2
SHA256: f1280ad6d45710afa6fa3f44f19e2390e8fcdc72b04ee3ac0eee739ed8d73ba6
SHA512: df6b2b643e985f7857f3709c146c157c3e17324881dcc3eab4488768ed49f53818eb4ad7b37e786b325c2eaa19169259691427f0ad4eb8ef774a091178ebf464
SSDEEP: 49152:kRy9fGgwaV3FcPvP0+LGScC03k6WTAK+K78qDyJcHxLrP+koOQLXbuv3iO5yXL7x:8U+gwaVVcvJXI32+zUOqpnoOr/ixX6o
Static task: static1
Behavioral task: behavioral1
Sample: MultiHack v1.8.zip
Resource: win7-20241023-en
Malware Config
Extracted
lumma
Targets
Target: MultiHack v1.8.zip
Lumma family
Executes dropped EXE
Suspicious use of SetThreadContext