General

  • Target

    yFQFu2M.exe

  • Size

    399KB

  • Sample

    250122-q6qj5syrbv

  • MD5

    c4d092484f2d29e4a11e3bbceba77240

  • SHA1

    79cfc2e6106a6245034fda4e081d8e9e94e1b46f

  • SHA256

    0d90b2123d529cf5d605cc152e1baae0e65788b6098427ab42149a76e88263f3

  • SHA512

    cff1af2afaad224e624e94fe402e88559d30e1ce97a5d13690150894844c3d258a22c8f40ed95162e19f38f0d6412c2369bcadb39605623440b1e870401aec76

  • SSDEEP

    12288:jQXNUkhZcgSbANJtfecc7HAl2DzZJ8y0DcJ:j5kh3+8JnQAoDtGxYJ

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://supplyedtwoz.click/api

https://impolitewearr.biz/api

https://toppyneedus.biz/api

https://lightdeerysua.biz/api

https://suggestyuoz.biz/api

https://hoursuhouy.biz/api

https://mixedrecipew.biz/api

https://affordtempyo.biz/api

https://pleasedcfrown.biz/api

Targets

    • Target

      yFQFu2M.exe

    • Size

      399KB

    • MD5

      c4d092484f2d29e4a11e3bbceba77240

    • SHA1

      79cfc2e6106a6245034fda4e081d8e9e94e1b46f

    • SHA256

      0d90b2123d529cf5d605cc152e1baae0e65788b6098427ab42149a76e88263f3

    • SHA512

      cff1af2afaad224e624e94fe402e88559d30e1ce97a5d13690150894844c3d258a22c8f40ed95162e19f38f0d6412c2369bcadb39605623440b1e870401aec76

    • SSDEEP

      12288:jQXNUkhZcgSbANJtfecc7HAl2DzZJ8y0DcJ:j5kh3+8JnQAoDtGxYJ

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks