General

  • Target

    2de8a18814cd66704edec08ae4b37e466c9986540da94cd61b2ca512d495b91a.zip

  • Size

    583KB

  • Sample

    250114-nzgmjszjal

  • MD5

    3b0e558644991e102b139dd5da210c0d

  • SHA1

    4f71e5a25c0836bf74561f1eaf138f735e62d9b1

  • SHA256

    ca8730a626e368d3bd34fb6a2349301fab001d645e675041458a7b80ffa3aff0

  • SHA512

    8a548db9531d9a4f23397f88216d91be0ec67f2ba517a2f40eda27733f41708fdbf0eb1fbc52cca2151982ea00d47bc59e1f8ae85dcf0e059436c9027ff18064

  • SSDEEP

    12288:F2L9l12plNkPyhwxpPfqRbVL86hnVJL4DQ40IyMmh5vzdZYFeVF:ghl1aSyhGdfIpLvVOQ9bhFzgFMF

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://tamedgeesy.sbs/api

https://relalingj.sbs/api

https://rottieud.sbs/api

https://brownieyuz.sbs/api

https://explainvees.sbs/api

https://ducksringjk.sbs/api

https://thinkyyokej.sbs/api

https://repostebhu.sbs/api

https://slippyhost.cfd/api

Targets

    • Target

      2de8a18814cd66704edec08ae4b37e466c9986540da94cd61b2ca512d495b91a.exe

    • Size

      687KB

    • MD5

      373cd164bb01f77ad1e37df844010ee5

    • SHA1

      15933d9bb181a5695cc2663f3e085aa7cccfdb31

    • SHA256

      2de8a18814cd66704edec08ae4b37e466c9986540da94cd61b2ca512d495b91a

    • SHA512

      05b0ba02db275f38af72bb87a72f9971df159e61f9bfe5e265edf269d20db9b5157f5313b4faa781498580a49c44a2a4b42e04a77720e3a7b7ce928c4a1583ef

    • SSDEEP

      12288:cPdAs5gcA5HZc2YNh9ZZ6jVuTzghr/k6u6haiQGh33PJEQDCk+Y3CUI6WTx:MDecACNh9ZZ65u/ghLVPhatGphlCFY3y

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks