General
-
Target
installer.rar
-
Size
4.5MB
-
Sample
250110-prlrzawqal
-
MD5
5ecc8146b1ced97f71149caaa44df87a
-
SHA1
b19bf11d72268b7ae92fdbc72b4f30b4908341cd
-
SHA256
4c86e5f7cb1bb90e731820a3e11962be6bf6c33e6418ef9471d33f77332bfe52
-
SHA512
94c2fbc86556b4ff73c083423e236292105a23b93c6e771feb5247f0253cb7c38f2d92313d85ccd4446b80883e1c0c6118caf316b992e05d43f63ce0b1938ca1
-
SSDEEP
98304:wYHdfi1iHA+/sONh/f3xDYQpRdapmYpQmDl7rnq1ygG7fh:wf1ig3ONh/fBb4C6lnnmhG75
Malware Config
Extracted
lumma
https://truculengisau.biz/api
https://spookycappy.biz/api
https://punishzement.biz/api
https://nuttyshop/api
https://nuttyshopr.biz/api
https://marketlumpe.biz/api
https://littlenotii.biz/api
https://grandiouseziu.biz/api
https://fraggielek.biz/api
https://whisperusz.biz/api
Extracted
lumma
https://whisperusz.biz/api
https://fraggielek.biz/api
https://grandiouseziu.biz/api
https://littlenotii.biz/api
https://marketlumpe.biz/api
https://nuttyshopr.biz/api
https://punishzement.biz/api
https://spookycappy.biz/api
https://truculengisau.biz/api
Targets
-
-
Target
installer.rar
-
Size
4.5MB
-
MD5
5ecc8146b1ced97f71149caaa44df87a
-
SHA1
b19bf11d72268b7ae92fdbc72b4f30b4908341cd
-
SHA256
4c86e5f7cb1bb90e731820a3e11962be6bf6c33e6418ef9471d33f77332bfe52
-
SHA512
94c2fbc86556b4ff73c083423e236292105a23b93c6e771feb5247f0253cb7c38f2d92313d85ccd4446b80883e1c0c6118caf316b992e05d43f63ce0b1938ca1
-
SSDEEP
98304:wYHdfi1iHA+/sONh/f3xDYQpRdapmYpQmDl7rnq1ygG7fh:wf1ig3ONh/fBb4C6lnnmhG75
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-