General

  • Target

    Native Instruments Monark V1.0 Win Mac.7z

  • Size

    11.1MB

  • Sample

    250125-sd4meaxpgx

  • MD5

    6331314a84b2649892c25ea1dc7d946c

  • SHA1

    83b9b6bdc18361fb2cf0770e99fad2beea69716b

  • SHA256

    6087227bb35383f28a21d99cdb8a110f28648fa4e12cb7f0f6b6c3b521765f2e

  • SHA512

    ccdc2a441cbc68e5d62ea0ebd2cf8b5c23e50d942b43eb7768b32deabe799b2abe1bd0da33b2eed03de1f793fba9c5211458964d30c4aa90018a229c82deb192

  • SSDEEP

    196608:QBSb7ol5phK4V18jwY3bOVLvmTd610v/qI4m6xxJfiVl5ZxgVbpSE6l1eEXSA7Cf:Bb0ln8jwY3bOFvmZH3+5xxNiGJpStlIZ

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

    • Target

      native instruments monark v1.0 win mac.exe

    • Size

      807.2MB

    • MD5

      0b2a30ec0be8ecf3a2a89736f67a225e

    • SHA1

      b08014503cf64c53eed2b27e56966811fe78fa32

    • SHA256

      cd7344a1923fca79d26161b9a325af852fa617fc1cd81e555df0148e017d27a4

    • SHA512

      d17fc2dea04b508844ceb87940f87ae7c9e472e68c28857a8a3a6701de82d7ab761542bc3e36a109338cdc898632f95da229ae9912e5a17516429c9c10636600

    • SSDEEP

      393216:C07UqU4R/N+Z4hxQDd3GLHOA/YQbDFMUshconFqxit:C0XHBSsbDFah

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks