General

  • Target

    4d85799c044b617d8fa3b3bd91f75a41.bin

  • Size

    185KB

  • MD5

    10f576458ccdefd88a00b6c0fe8c6f36

  • SHA1

    12424e6d3b52b042e3a737a709b81a37b096b2e8

  • SHA256

    29ee4cff5b87f34dc9f33c03762633e969c9809b34881d0d732eaf23469b4d2c

  • SHA512

    18e2a94d6075054ea33dfff64a0bd7d5caab88b69242e308b77f4ac68c30ef8a80e375939b65f12f7da939ade38de3a66268acadecd57bd78df2bd6cedd70695

  • SSDEEP

    3072:04ZEdvjbncs9gppB3mNUIcythhtP7mnj2d2/HrSIeueaASMwS7fPcX9kVyUoO+ov:0eyXcs94mUIcEH57mnjc2DSI8zwS7fP5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

Signatures

  • Lumma family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4d85799c044b617d8fa3b3bd91f75a41.bin
    .zip

    Password: infected

  • be9d59c3d0d868387985f389c2992f9b4d51e16c37db194abc078b3034b0e7a8.exe
    .exe windows:6 windows x86 arch:x86

    Password: infected