Overview

overview

10

Static

static

3

Instll.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Instll.exe

  • Size

    956KB

  • Sample

    250410-twmbhswqt9

  • MD5

    5d1f29374f9a4d974f228932a5124e0e

  • SHA1

    58a617ffb55a865e1a75e10a18f4f6ade2bd82e8

  • SHA256

    a3758d74b179a3b9451c592c873cb6c452f466424d31a3146490659eb8871340

  • SHA512

    2cdba9d5d5686669ebd92d1304758998d10d57001ad963e08bf63683a2a4cd7cb50dc5e58d585f5a58d5a8203fa0ce9fe3d006be6b90861b4ff8d8917485cfe9

  • SSDEEP

    12288:fwUwBIZ+x5TmTDaF+baUNGZQ64TcoekVLo/Va8apJUOtaPccTrpFjUy/pS47SETy:fwlIExtUXbaVQfcZe1wOScy1VMwShxY

Score
10/10
lummadiscoveryspywarestealer

Malware Config

Extracted

Family

lumma

C2

https://clarmodq.top/qoxo

https://soursopsf.run/gsoiao

https://changeaie.top/geps

https://qeasyupgw.live/eosz

https://liftally.top/xasj

https://wupmodini.digital/gokk

https://bsalaccgfa.top/gsooz

https://zestmodp.top/zeda

https://xcelmodo.run/nahd

Targets

    • Target

      Instll.exe

    • Size

      956KB

    • MD5

      5d1f29374f9a4d974f228932a5124e0e

    • SHA1

      58a617ffb55a865e1a75e10a18f4f6ade2bd82e8

    • SHA256

      a3758d74b179a3b9451c592c873cb6c452f466424d31a3146490659eb8871340

    • SHA512

      2cdba9d5d5686669ebd92d1304758998d10d57001ad963e08bf63683a2a4cd7cb50dc5e58d585f5a58d5a8203fa0ce9fe3d006be6b90861b4ff8d8917485cfe9

    • SSDEEP

      12288:fwUwBIZ+x5TmTDaF+baUNGZQ64TcoekVLo/Va8apJUOtaPccTrpFjUy/pS47SETy:fwlIExtUXbaVQfcZe1wOScy1VMwShxY

    Score
    10/10
    lummadiscoveryspywarestealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks