Overview

overview

10

Static

static

3

2025-01-14...ch.exe

windows7-x64

10

2025-01-14...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-14_fcd53d9c4fa85d7b936746c571330b75_frostygoop_poet-rat_snatch

  • Size

    5.6MB

  • Sample

    250114-e24qesypbp

  • MD5

    fcd53d9c4fa85d7b936746c571330b75

  • SHA1

    84dea1cf761663079903d8ba74aa87efbf4c069e

  • SHA256

    24b4216500338e0b34189f283d4164d84e7208fe1cf8c4aea8bd4731d624f56f

  • SHA512

    e2f826e5b2a62883e794fd5a2f3b245add1b4e2b8e5174d00dd8e3968d93e406e7d8cfca4aafcee07e119821b0cdfdb34e66c7a1cfa6f12ad02e6e45363e3cac

  • SSDEEP

    98304:1n/mLCrV3ZqYwEfjgkVz2k6UkeWot3T7nFEoJfatIq0rELcPgLgj:J/H4ez

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

Targets

    • Target

      2025-01-14_fcd53d9c4fa85d7b936746c571330b75_frostygoop_poet-rat_snatch

    • Size

      5.6MB

    • MD5

      fcd53d9c4fa85d7b936746c571330b75

    • SHA1

      84dea1cf761663079903d8ba74aa87efbf4c069e

    • SHA256

      24b4216500338e0b34189f283d4164d84e7208fe1cf8c4aea8bd4731d624f56f

    • SHA512

      e2f826e5b2a62883e794fd5a2f3b245add1b4e2b8e5174d00dd8e3968d93e406e7d8cfca4aafcee07e119821b0cdfdb34e66c7a1cfa6f12ad02e6e45363e3cac

    • SSDEEP

      98304:1n/mLCrV3ZqYwEfjgkVz2k6UkeWot3T7nFEoJfatIq0rELcPgLgj:J/H4ez

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks