General
-
Target
wave FIX.rar
-
Size
331KB
-
Sample
250110-2d1ees1kbs
-
MD5
0181b12888b87c170d7ce1190fbc879a
-
SHA1
810d463fcf94d06c8db72dc755fa6eba3a0d8956
-
SHA256
0e42104eace0e894f995f37994f55748db936e090dec8560687336cb52c368d1
-
SHA512
560f9b3ed5256fd59a9319e60346201ffe1731e8e754dd21e8ee2c57f50cf449235ff1b54ac72ad6f8f8c88eb2de225183fad8cb32e0cad4f8f02507b367ab98
-
SSDEEP
6144:B0Dqul1SMNRfLbKk9QeBPz9eqgff5ujgDj2Treyuxw/VrIEONBk6eFlVbdSnX:B2fSMLCk7LeqgfU06vu25ONBk9V4nX
Malware Config
Extracted
lumma
https://truculengisau.biz/api
https://spookycappy.biz/api
https://punishzement.biz/api
https://nuttyshop/api
https://nuttyshopr.biz/api
https://marketlumpe.biz/api
https://littlenotii.biz/api
https://grandiouseziu.biz/api
https://fraggielek.biz/api
https://whisperusz.biz/api
Extracted
lumma
https://whisperusz.biz/api
https://fraggielek.biz/api
https://grandiouseziu.biz/api
https://littlenotii.biz/api
https://marketlumpe.biz/api
https://nuttyshopr.biz/api
https://punishzement.biz/api
https://spookycappy.biz/api
https://truculengisau.biz/api
Targets
-
-
Target
wave FIX/Wave.exe
-
Size
346KB
-
MD5
a076dfb30f21d05682a01e5ab0d9e1d4
-
SHA1
ed1fe9949697885eb64ccab8b2a35df2af45c78a
-
SHA256
3f70aaa1fc33f427cc67e0e32742c439c5b443c351fc1cdd3d0092abce812cf2
-
SHA512
c9f303703e67405939c43d5cea96d1df91c1d90b31a8b621c54bea7cacea28ed6421689e338dde45ac0f6a4308aa8804c7521ccaa8c5d39887f9fca460bf7fdd
-
SSDEEP
6144:8VQGawgISAiBstU+eERUp6WYwrabKqHUfj/ABhj9lThBBP3Tb/tpEC9ZWRfPZGCy:UQMZSAiBsa+VUpdfWPHUfLABhHhBBPtb
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-