General

  • Target

    0b9eccdf6649cc0cfba37c0430f5ca0765aff9c7dfb9e0ea1c89bd3e7bc3f86c.exe

  • Size

    549KB

  • Sample

    250111-z21nzsslfr

  • MD5

    be4993e6079576a45ca0c13a735779f9

  • SHA1

    0045d12961252e201af80534d9be58660681be2b

  • SHA256

    0b9eccdf6649cc0cfba37c0430f5ca0765aff9c7dfb9e0ea1c89bd3e7bc3f86c

  • SHA512

    5f7849c2607dabac489fc15455b8b2be2eb7d37749707f4715dc162c5f1bbf5c4c43208637752a254f6142d386bb6db7cf7314740515c5d4ac160d3b82a92f58

  • SSDEEP

    12288:9yssTHKT0KDvd3Ha8062GnuCo9ap83yE6:cTqT3Ld368062Qi9PCX

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://conceptionnyi.sbs/api

https://platformcati.sbs/api

https://nervepianoyo.sbs/api

https://qualifielgalt.sbs/api

https://smashygally.sbs/api

https://fightyglobo.sbs/api

https://modellydivi.sbs/api

https://pioneeruyj.sbs/api

https://underlinefiue.sbs/api

Extracted

Family

lumma

C2

https://platformcati.sbs/api

Targets

    • Target

      0b9eccdf6649cc0cfba37c0430f5ca0765aff9c7dfb9e0ea1c89bd3e7bc3f86c.exe
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
