Overview

overview

10

Static

static

10

Malware.2024.12.25.7z

windows7-x64

1

Malware.2024.12.25.7z

windows10-2004-x64

1

2024-12-25...19.exe

windows7-x64

2024-12-25...19.exe

windows10-2004-x64

2024-12-25...8a.pdf

windows7-x64

3

2024-12-25...8a.pdf

windows10-2004-x64

3

2024-12-25...0d.pdf

windows7-x64

3

2024-12-25...0d.pdf

windows10-2004-x64

3

2024-12-25...96.exe

windows7-x64

7

2024-12-25...96.exe

windows10-2004-x64

7

2024-12-25...61.exe

windows7-x64

1

2024-12-25...61.exe

windows10-2004-x64

1

2024-12-25...03.pdf

windows7-x64

3

2024-12-25...03.pdf

windows10-2004-x64

3

2024-12-25...62.exe

windows7-x64

10

2024-12-25...62.exe

windows10-2004-x64

10

2024-12-25...25.exe

windows7-x64

1

2024-12-25...25.exe

windows10-2004-x64

1

2024-12-25...6b.exe

windows7-x64

10

2024-12-25...6b.exe

windows10-2004-x64

10

2024-12-25...ec.exe

windows7-x64

1

2024-12-25...ec.exe

windows10-2004-x64

3

2024-12-25...cc.exe

windows7-x64

1

2024-12-25...cc.exe

windows10-2004-x64

3

2024-12-25...3a.exe

windows7-x64

10

2024-12-25...3a.exe

windows10-2004-x64

10

2024-12-25...66.exe

windows7-x64

3

2024-12-25...66.exe

windows10-2004-x64

3

2024-12-25...97.exe

windows7-x64

10

2024-12-25...97.exe

windows10-2004-x64

10

2024-12-25...1d.pdf

windows7-x64

3

2024-12-25...1d.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    22s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    31-01-2025 17:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-12-25/unknown-e49324f54cdf00a226d1779157391c9c260ddb6a5179ece3276f326052b95962.exe

  • Size

    2.5MB

  • MD5

    592dfc2c69751ac75147467449ed271e

  • SHA1

    16df4b6679091b52db2baed0e535b22f418fed5c

  • SHA256

    e49324f54cdf00a226d1779157391c9c260ddb6a5179ece3276f326052b95962

  • SHA512

    f0bd781a7ba5d6f43593d0ca67daa7196207960589b7ed7c22df0f2325035b7e4527963dfe4e0111ede7b8be48e7fba30a2a4be1ac8f07d9cc432bdbc34bd773

  • SSDEEP

    49152:dFUjNrQNRdtz/izuOBU0+djAeSlj2taFwuJxWvIT6tXdsQtEr8haJ:KN4vz/izuOBadjAeSlj2taSubWAT6tXY

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://rapeflowwj.lat/api

https://crosshuaht.lat/api

https://sustainskelet.lat/api

https://aspecteirs.lat/api

https://energyaffai.lat/api

https://necklacebudi.lat/api

https://discokeyus.lat/api

https://grannyejh.lat/api

https://movementby.cyou/api

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Lumma family
    lumma

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-12-25\unknown-e49324f54cdf00a226d1779157391c9c260ddb6a5179ece3276f326052b95962.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-12-25\unknown-e49324f54cdf00a226d1779157391c9c260ddb6a5179ece3276f326052b95962.exe"
    1⤵
      PID:2580

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2580-2-0x0000000000560000-0x0000000000660000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2580-3-0x0000000000560000-0x0000000000660000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2580-4-0x0000000000560000-0x0000000000660000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2580-5-0x0000000000410000-0x0000000000462000-memory.dmp

      Filesize

      328KB

      Download