General

  • Target

    davies.exe

  • Size

    379KB

  • Sample

    250110-mycrjavmap

  • MD5

    7d101b7e062d99e8b7914e7d43dfc23b

  • SHA1

    a5fa9dc8d98c6e9f9de23cbf6456d6a70b384fdd

  • SHA256

    5169bb87481b683a2f1043ff15708455d3d889b5c1d95ab107d2ef8fb9e20aee

  • SHA512

    fc482d0541d7fe1d8acf66d047e879ed011bfa58f9fd594c20d7dc20a11a1c5b5f1d9ea35c47e1af4f58b2ccb925523c180afc997743de53a7910a888d7adf72

  • SSDEEP

    3072:xaRuoiN6X5ZEHYi2z5hLY4eBwHpV1FKKtHv8TDYJ7wenpXI2kWex76oVcT1LYAxy:E0CZE4D5vrvRx5dpXIAPlYA9WPVmvU

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      davies.exe

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family
