Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23-06-2024 21:35

General

  • Target

    1e4092031bb89f285a39f6fb9730fa172bc63ed82a51bfb39ea29e4fec4b635d.exe

  • Size

    304KB

  • MD5

    6863d8f623b5da333280f965ea7f3399

  • SHA1

    1d556979af572a2cd2b71b8b0dafec6a5c27d1d1

  • SHA256

    1e4092031bb89f285a39f6fb9730fa172bc63ed82a51bfb39ea29e4fec4b635d

  • SHA512

    72f1ea32b099b16f5bd6d0b094d60a40fd80c50228bc2312a2af107777cd8e0da7057b731feffe3e1d233d9e072bc6c80f09414745b136f12ae5b738b8967e70

  • SSDEEP

    3072:CNumiCvg3BFzJ4CcdgRATfnk3UQwne2hBqiAwtmgeR+eH2UrWWxcvi6mRKRobWXY:uJCBFFo83UpbAIeRlH2lhCAxkAlQ2

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://ablesulkyfirstyews.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://leafcalfconflcitw.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++, first seen in August 2022.

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e4092031bb89f285a39f6fb9730fa172bc63ed82a51bfb39ea29e4fec4b635d.exe
    "C:\Users\Admin\AppData\Local\Temp\1e4092031bb89f285a39f6fb9730fa172bc63ed82a51bfb39ea29e4fec4b635d.exe"
    PID: 1372
