General

  • Target: GalaxyPr00j33ct2.53v.zip
  • Size: 15.0MB
  • Sample: 250113-r72t8syjaj
  • MD5: c5b2c56d99e5cb45a5ab61478fd1be0f
  • SHA1: afe7aa3a09836abd932b8d472426089e8c43b4e8
  • SHA256: 490e899c95fed294e6f4fcecab730594a55bd6260c730b9b8d6cb2efb69d9ed6
  • SHA512: fd889ed9c422d27f4fc08ab918156e27a9902abab91958757600363bb88807f5710c47b1c63bc053a93faa14308b1bc69f740f859fffd042251263537ad59405
  • SSDEEP: 393216:+9IRNP8UWsnXbx/4Vwc5SOjcip6FCD1XE0sG:pbPxc6cLcigFCDx3sG

Score
10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://sailstrangej.cyou/api

Targets

    • Target: GalaxyPr00j33ct2.53v.zip
    • Size: 15.0MB
    • MD5: e6ae7795c2b37d3a134bb2696fbba28b
    • SHA1: e78f6d91c7603db604d33d769924fce1bf9c1dd7
    • SHA256: 9960ca609ac2360ac63d18f6d780190767f8da977993f725bcf349764fb3a37c
    • SHA512: 0ffee69050552e609e92541a3ee49ca34c6b4b86a7db955e5b64daf901af7ee12f16c33a57dc1499b0ffa87dd7793da8de2922a8f6b693701ea8264c31d6997e
    • SSDEEP: 393216:89IRNP8UWsnXbx/4Vwc5SOjcip6FCD1XE0sG:/bPxc6cLcigFCDx3sG

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15