Overview

overview

10

Static

static

3

dfffffd3_build.exe

windows7-x64

10

dfffffd3_build.exe

windows10-2004-x64

10

dfffffd3_build.exe

windows10-ltsc 2021-x64

10

dfffffd3_build.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfffffd3_build.exe

  • Size

    345KB

  • Sample

    250124-t4ml9aypfk

  • MD5

    411a8be4139d78d7964a4532ed57ce69

  • SHA1

    2be58de20247c6bbe40e4bb5fea94e2993e4ec3e

  • SHA256

    134542909a1218e3c0346d825348f89c581f00731ec53b62f38cd42e26cc266d

  • SHA512

    64abbdced2c52383628e3006c428a3a0b77bd974a231634e9473b3a1f5a865702e64255aeae63cb389c0ac7bd9d13a14342f37a7eecef059eff20f764e260b44

  • SSDEEP

    6144:2x2qx0jUcmKR2Hg58UkKiuIdDzOx8BGvvF6lqx4pkjcy4Msw50:2Mqx0jZmKWvDbYicT49wq

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

https://letterdrive.shop/api

Targets

    • Target

      dfffffd3_build.exe

    • Size

      345KB

    • MD5

      411a8be4139d78d7964a4532ed57ce69

    • SHA1

      2be58de20247c6bbe40e4bb5fea94e2993e4ec3e

    • SHA256

      134542909a1218e3c0346d825348f89c581f00731ec53b62f38cd42e26cc266d

    • SHA512

      64abbdced2c52383628e3006c428a3a0b77bd974a231634e9473b3a1f5a865702e64255aeae63cb389c0ac7bd9d13a14342f37a7eecef059eff20f764e260b44

    • SSDEEP

      6144:2x2qx0jUcmKR2Hg58UkKiuIdDzOx8BGvvF6lqx4pkjcy4Msw50:2Mqx0jZmKWvDbYicT49wq

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks