Overview

overview

10

Static

static

3

random.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    random.exe

  • Size

    1.2MB

  • Sample

    250410-xh6psazwez

  • MD5

    10df43a9bcda80911d9e23b6cdb590cc

  • SHA1

    e750427f684fe5539465ca69d7ec870a64b04d2e

  • SHA256

    e0a860108cfd2512018cf3d093810822ccad69b6bd25f8f0fc6080f882e36d2c

  • SHA512

    6875986d8d7ec4721fcf3f06295d8cd5d2e48f6f2825fcc64bee4d13cd2d3444cd2bf4a6d52e366ce65fae8a386b77727182cf6b175187f214b1033d694d322e

  • SSDEEP

    24576:xQBrDZNBpy9p/uGnNVJWA6E1KzfHRkqL8erhI3G9AW6Oaf:CBPURuGNVJWA62Kz+6lrhI29H6

Score
10/10
lummadiscoveryspywarestealer

Malware Config

Extracted

Family

lumma

C2

https://elvernwood.digital/gids

https://soursopsf.run/gsoiao

https://changeaie.top/geps

https://easyupgw.live/eosz

https://liftally.top/xasj

https://upmodini.digital/gokk

https://salaccgfa.top/gsooz

https://zestmodp.top/zeda

https://xcelmodo.run/nahd

Targets

    • Target

      random.exe

    • Size

      1.2MB

    • MD5

      10df43a9bcda80911d9e23b6cdb590cc

    • SHA1

      e750427f684fe5539465ca69d7ec870a64b04d2e

    • SHA256

      e0a860108cfd2512018cf3d093810822ccad69b6bd25f8f0fc6080f882e36d2c

    • SHA512

      6875986d8d7ec4721fcf3f06295d8cd5d2e48f6f2825fcc64bee4d13cd2d3444cd2bf4a6d52e366ce65fae8a386b77727182cf6b175187f214b1033d694d322e

    • SSDEEP

      24576:xQBrDZNBpy9p/uGnNVJWA6E1KzfHRkqL8erhI3G9AW6Oaf:CBPURuGNVJWA62Kz+6lrhI29H6

    Score
    10/10
    lummadiscoveryspywarestealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks