General

  • Target

    70d00b2368e0aaf0ec2aefd7e4db5d0f8934bb581da7b5dba5293d92a1743af4.iso

  • Size

    12.5MB

  • Sample

    250114-c6mllatrgy

  • MD5

    334a290f09f8469e59b4aa9c0847f971

  • SHA1

    d1278c450140e546bc177306a1fc80d3d596bc48

  • SHA256

    70d00b2368e0aaf0ec2aefd7e4db5d0f8934bb581da7b5dba5293d92a1743af4

  • SHA512

    ef2fe7d7100dc83a3ab020465d52986602d8ba6b3a13833e2cf5bd12947bd4bbe0e7feaecd2d74462d9bddc393737cbb4ca72b7d8b760af80c9770d932a1fedc

  • SSDEEP

    393216:a34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:s4I/njtQOr50Sqf

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api
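The eight C2 URLs above are the actionable part of this report: every one of them is an HTTPS endpoint under a `.biz` domain with an `/api` path. The script below is an added example for this page, not code from the sandbox or from the report; it lifts those hosts out of the URL list and hunts for them in DNS and forward-proxy logs. The log lines are constructed for the demonstration (loosely BIND query-log and Squid native shapes), and every client address, hostname and IP that is not one of the eight C2 domains (10.0.0.x, www.example.com, notimpend-differ.biz, 203.0.113.x) is made up. The match is label-boundary aware, so a subdomain of a C2 host is caught while a look-alike that merely ends in the same string is not.

```python
"""Hunt the Lumma C2 hosts listed in the report in DNS and proxy logs.

Added example for this page (not Triage's or the report's own code).
Only the eight C2 URLs come from the report; the log lines, client
addresses and non-C2 hostnames below are constructed for illustration.
"""
from __future__ import annotations

import re
from urllib.parse import urlsplit

# Copied verbatim from the "C2" section of the report.
C2_URLS = [
    "https://impend-differ.biz/api",
    "https://print-vexer.biz/api",
    "https://dare-curbys.biz/api",
    "https://covery-mover.biz/api",
    "https://formy-spill.biz/api",
    "https://dwell-exclaim.biz/api",
    "https://zinc-sneark.biz/api",
    "https://se-blurry.biz/api",
]

# Constructed sample logs (hypothetical hosts/IPs except the C2 domains).
SAMPLE_LOGS = [
    "client 10.0.0.5#51234: query: impend-differ.biz IN A +",
    "client 10.0.0.7#40111: query: www.example.com IN A +",
    "client 10.0.0.9#38877: query: cdn.se-blurry.biz IN A +",
    "client 10.0.0.9#38878: query: notimpend-differ.biz IN A +",
    "1736802000.123 45 10.0.0.5 TCP_MISS/200 512 POST https://dare-curbys.biz/api "
    "- HIER_DIRECT/203.0.113.10 application/json",
    "1736802001.456 12 10.0.0.7 TCP_MISS/200 1024 GET https://www.example.com/ "
    "- HIER_DIRECT/203.0.113.11 text/html",
]

_DNS_QUERY = re.compile(r"query: (?P<name>\S+) IN ")
_URL = re.compile(r"\bhttps?://[^\s\"']+")


def c2_hosts(urls: list[str]) -> frozenset[str]:
    """Reduce the C2 URL list to a set of lower-cased hostnames."""
    return frozenset((urlsplit(u).hostname or "").lower() for u in urls)


def host_matches(host: str, blocked: frozenset[str]) -> str | None:
    """Return the C2 domain that `host` equals or is a subdomain of, else None.

    Walks the DNS labels from the left so 'cdn.se-blurry.biz' matches
    'se-blurry.biz' but 'notimpend-differ.biz' does not match
    'impend-differ.biz' (a plain endswith() would get that wrong).
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocked:
            return candidate
    return None


def scan_logs(lines: list[str], blocked: frozenset[str]) -> list[dict]:
    """Flag DNS queries and proxied URLs whose host is a listed C2 domain."""
    hits: list[dict] = []
    for lineno, line in enumerate(lines, 1):
        dns = _DNS_QUERY.search(line)
        if dns:
            host, path, kind = dns.group("name"), None, "dns"
        else:
            url = _URL.search(line)
            if not url:
                continue  # neither log shape we understand; skip the line
            parts = urlsplit(url.group(0))
            host, path, kind = parts.hostname or "", parts.path, "proxy"
        c2 = host_matches(host, blocked)
        if c2:
            hits.append({"line": lineno, "kind": kind, "host": host.lower(),
                         "c2": c2, "path": path})
    return hits


if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS, c2_hosts(C2_URLS)):
        print(hit)
```

A DNS hit on one of these names is a stronger signal than the proxy hit, because the resolver sees the lookup even when the stealer talks TLS directly and bypasses the proxy; the proxy record is what tells you the `/api` POST actually went out.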

Targets

    • Target

      tesr.exe

    • Size

      12.1MB

    • MD5

      4f96b4d0061d45b08d73e3526d82630f

    • SHA1

      15d6d2445d55db393adf30f0bf7f4b649c098257

    • SHA256

      30bc5b4729f0ae6ea5e1eb44654e739040f29941b5e6d2436b10ae93a98e5e6b

    • SHA512

      6b50eb6e642adb840497b95e0dd5248054752027c15627c2a6262a4e7497c78d1a7eb7b1936c7d8c6f94557b99fcb465e5514f707e04f5f7cc1efee69216a372

    • SSDEEP

      393216:R34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:R4I/njtQOr50Sqf

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext
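The ISO container and the `tesr.exe` inside it carry SSDEEP digests that share the block size 393216 and differ in a single character of each chunk (`a34OX…`/`s4I…` against `R34OX…`/`R4I…`). The script below is an added example for this page, not code from the sandbox or the ssdeep project: it re-implements the comparison half of the public ssdeep algorithm in plain Python (factor-of-two block-size rule, collapsing of runs longer than three characters, the 7-character common-substring gate, and the weighted edit distance with insert and delete cost 1 and substitution cost 2) so the two digests from the report can be scored offline. Use the `ssdeep` CLI or `python-ssdeep` in production; this version exists to make the arithmetic visible. The `kitten`/`sitting` strings and the short `3:…`/`6:…` digests in the test are constructed inputs.

```python
"""Compare two ssdeep (CTPH) digests without the ssdeep library.

Added example for this page. It re-implements the comparison step of the
public ssdeep algorithm for illustration and is NOT the ssdeep project's
own code. The two digests below are copied from the report above.
"""
from __future__ import annotations

SPAMSUM_LENGTH = 64   # maximum chunk length in a digest
ROLLING_WINDOW = 7    # common-substring length required before scoring
MIN_BLOCKSIZE = 3     # smallest block size ssdeep will emit

ISO_SSDEEP = "393216:a34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:s4I/njtQOr50Sqf"
EXE_SSDEEP = "393216:R34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:R4I/njtQOr50Sqf"


def parse_digest(digest: str) -> tuple[int, str, str]:
    """Split 'blocksize:chunk1:chunk2'; a trailing ',"filename"' is dropped."""
    parts = digest.split(",", 1)[0].split(":")
    if len(parts) != 3:
        raise ValueError(f"malformed ssdeep digest: {digest!r}")
    block_size = int(parts[0])
    if block_size <= 0:
        raise ValueError("block size must be positive")
    return block_size, parts[1][:SPAMSUM_LENGTH], parts[2][:SPAMSUM_LENGTH]


def _eliminate_sequences(s: str) -> str:
    """Collapse runs of more than 3 identical characters to 3 (little entropy there)."""
    out: list[str] = []
    for ch in s:
        if len(out) >= 3 and out[-1] == out[-2] == out[-3] == ch:
            continue
        out.append(ch)
    return "".join(out)


def _has_common_substring(a: str, b: str) -> bool:
    """ssdeep refuses to score chunks that share no 7-character substring."""
    if len(a) < ROLLING_WINDOW or len(b) < ROLLING_WINDOW:
        return False
    grams = {a[i:i + ROLLING_WINDOW] for i in range(len(a) - ROLLING_WINDOW + 1)}
    return any(b[i:i + ROLLING_WINDOW] in grams
               for i in range(len(b) - ROLLING_WINDOW + 1))


def _edit_distance(a: str, b: str) -> int:
    """Weighted Levenshtein: insert 1, delete 1, substitute 2."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            substitute = prev[j - 1] + (0 if ca == cb else 2)
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, substitute))
        prev = cur
    return prev[len(b)]


def _score_strings(a: str, b: str, block_size: int) -> int:
    """Turn the edit distance between two chunks into a 0-100 score."""
    if not _has_common_substring(a, b):
        return 0
    score = _edit_distance(a, b)
    score = score * SPAMSUM_LENGTH // (len(a) + len(b))
    score = 100 * score // SPAMSUM_LENGTH
    score = 100 - score
    # Small block sizes cannot justify a high score; cap it as ssdeep does.
    if block_size < (99 + ROLLING_WINDOW) * MIN_BLOCKSIZE:
        score = min(score, block_size // MIN_BLOCKSIZE * min(len(a), len(b)))
    return score


def ssdeep_compare(d1: str, d2: str) -> int:
    """Return the 0-100 similarity between two ssdeep digests."""
    bs1, a1, a2 = parse_digest(d1)
    bs2, b1, b2 = parse_digest(d2)
    a1, a2, b1, b2 = map(_eliminate_sequences, (a1, a2, b1, b2))
    if bs1 == bs2:
        if a1 == b1 and a2 == b2:
            return 100
        # chunk2 was built with twice the block size of chunk1
        return max(_score_strings(a1, b1, bs1), _score_strings(a2, b2, bs1 * 2))
    if bs1 * 2 == bs2:
        return _score_strings(a2, b1, bs2)
    if bs2 * 2 == bs1:
        return _score_strings(a1, b2, bs1)
    return 0  # block sizes more than a factor of two apart are incomparable


if __name__ == "__main__":
    print("ISO vs tesr.exe:", ssdeep_compare(ISO_SSDEEP, EXE_SSDEEP))
```

A score this close to 100 says the ISO is byte-for-byte almost the same stream as the executable it wraps, which is what a thin ISO container around one 12.1MB file looks like. It says nothing about what the unpacked Lumma code resembles: CTPH is a similarity measure over the file as stored, so a repacked or re-obfuscated build of the same stealer can score 0 against this sample while sharing every C2 domain above.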

MITRE ATT&CK Enterprise v15

Tasks