Overview

overview

10

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c43b64c78f6ccba5cfb7de13fc39d5cc43fad9a9f5e78799b34100ab69e5e4e8

  • Size

    5.8MB

  • Sample

    240624-gf9ewsydre

  • MD5

    6c149b39619395a8ba117a4cae95ba6f

  • SHA1

    3ef8be98589745ecce5522dd871e813f69a7b71b

  • SHA256

    c43b64c78f6ccba5cfb7de13fc39d5cc43fad9a9f5e78799b34100ab69e5e4e8

  • SHA512

    866edae7858e7bfb82486e99b31550307de81fa732a3075b6e2ff0abcade5331be28bb14d894cdf5176dc907a45aaa1407b6d8c4295cc69b6d45516f319560a4

  • SSDEEP

    49152:IsLm1+6M1hSfHiiQsaaR6GRNxM2u8RpZAPN0E8hKfOFuyjh5EYR/xbsSrpMih44K:F8Gi57VpZqGFLEeZ8+F+5

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://disappointcredisotw.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://leafcalfconflcitw.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Targets

    • Target

      c43b64c78f6ccba5cfb7de13fc39d5cc43fad9a9f5e78799b34100ab69e5e4e8

    • Size

      5.8MB

    • MD5

      6c149b39619395a8ba117a4cae95ba6f

    • SHA1

      3ef8be98589745ecce5522dd871e813f69a7b71b

    • SHA256

      c43b64c78f6ccba5cfb7de13fc39d5cc43fad9a9f5e78799b34100ab69e5e4e8

    • SHA512

      866edae7858e7bfb82486e99b31550307de81fa732a3075b6e2ff0abcade5331be28bb14d894cdf5176dc907a45aaa1407b6d8c4295cc69b6d45516f319560a4

    • SSDEEP

      49152:IsLm1+6M1hSfHiiQsaaR6GRNxM2u8RpZAPN0E8hKfOFuyjh5EYR/xbsSrpMih44K:F8Gi57VpZqGFLEeZ8+F+5

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks