General
-
Target
lua-executor-by-tiago-main.zip
-
Size
1.4MB
-
Sample
250122-j3mwhsxldq
-
MD5
53926577034f61444d4d31d12d5ce40e
-
SHA1
355314717e4b773afae61d5cd674349a0700fa27
-
SHA256
522c60d4119bbfffa8bacd23942b60258e83ae8a9879636c647cf1a9e2e74b72
-
SHA512
3c84c0ab5023068e4d2c76b514d94cdf04985309326a4e58bd722e65b0450fd239583505bf8c5a9c7da7896cd09f4a8acc8082dc4281530604427f888662f7e6
-
SSDEEP
24576:sUGpuVhxFetCJgFvdGZs+1rEShGxWXfluyR3spE2I0gxiO521UcgazBGe+:svuPx4tCJgFvEZsAr8xifcjB22Lf+
Malware Config
Extracted
lumma
https://sordid-snaked.cyou/api
https://awake-weaves.cyou/api
https://wrathful-jammy.cyou/api
https://debonairnukk.xyz/api
https://diffuculttan.xyz/api
https://effecterectz.xyz/api
https://deafeninggeh.biz/api
https://immureprech.biz/api
https://bellflamre.click/api
Targets
-
-
Target
lua-executor-by-tiago-main/Loader.exe
-
Size
393KB
-
MD5
3c4161be295e9e9d019ce68dae82d60a
-
SHA1
36447fc6418e209dff1bb8a5e576f4d46e3b3296
-
SHA256
0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d
-
SHA512
cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6
-
SSDEEP
12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-