Overview

overview

10

Static

static

1

Installing...86.exe

windows7-x64

10

Installing...86.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Installing_x64_x86.exe

  • Size

    2.7MB

  • Sample

    250126-m8k6nazldw

  • MD5

    c4fe4039268bc1f8ea438f43977bddf0

  • SHA1

    27be2d37413c076f6947b7c4ad3fbf328b7e4bcf

  • SHA256

    bc74cd2c8aff1c00127f1c4f503c46667e04a4fa7d26360f3eb0bdf8f607b963

  • SHA512

    c1c8597ee1b971f0760b65fe43ba4adca7ee6fa8a19cb0f7c54badfbfa763677cf941a1b21040697aad19cb91b148fd73c6e2cb9dc0bda1b8c14ef943cbde9e1

  • SSDEEP

    49152:ft0WJo6iw2+BCBhyGDz7cep+/Cz3ddQn0xIpxg2Wv9SJu3lqLt2fqLt2K:SQi2E9KidQn0xIpxg2Wv9Fqt2fqt2K

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://crib-endanger.sbs/api

https://faintbl0w.sbs/api

https://300snails.sbs/api

https://bored-light.sbs/api

https://3xc1aimbl0w.sbs/api

https://pull-trucker.sbs/api

https://fleez-inc.sbs/api

https://thicktoys.sbs/api

https://frogmen-smell.sbs/api

Targets

    • Target

      Installing_x64_x86.exe

    • Size

      2.7MB

    • MD5

      c4fe4039268bc1f8ea438f43977bddf0

    • SHA1

      27be2d37413c076f6947b7c4ad3fbf328b7e4bcf

    • SHA256

      bc74cd2c8aff1c00127f1c4f503c46667e04a4fa7d26360f3eb0bdf8f607b963

    • SHA512

      c1c8597ee1b971f0760b65fe43ba4adca7ee6fa8a19cb0f7c54badfbfa763677cf941a1b21040697aad19cb91b148fd73c6e2cb9dc0bda1b8c14ef943cbde9e1

    • SSDEEP

      49152:ft0WJo6iw2+BCBhyGDz7cep+/Cz3ddQn0xIpxg2Wv9SJu3lqLt2fqLt2K:SQi2E9KidQn0xIpxg2Wv9Fqt2fqt2K

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks