Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    efa8c6ecd88a7c400ff0b28ec7e5d2052943546f4c41dc41c3702dc73e9d0756

  • Size

    5.6MB

  • Sample

    240625-kvhr9staqr

  • MD5

    608321f2d1044c6c22eeb66205e53650

  • SHA1

    3918051ba89f9a1a0c3116029ca554cbf80a1281

  • SHA256

    efa8c6ecd88a7c400ff0b28ec7e5d2052943546f4c41dc41c3702dc73e9d0756

  • SHA512

    aecad75ff510730f7c0ed3f5f260a4697eebdea2b4c292ee0da34ff32702ed6b6511e374bd707be40dd51b9b498af4534237adc09451f658fa5aba3ca6b23e4e

  • SSDEEP

    49152:YzmL+zbXEoqq1OQmf/csUgUk0WgwH20j9e7Esrp4AjE5EjwMh49cA0fAVXr15Tdy:YmLEbMIqPH20RvEW3TY

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://leafcalfconflcitw.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Targets

    • Target

      efa8c6ecd88a7c400ff0b28ec7e5d2052943546f4c41dc41c3702dc73e9d0756

    • Size

      5.6MB

    • MD5

      608321f2d1044c6c22eeb66205e53650

    • SHA1

      3918051ba89f9a1a0c3116029ca554cbf80a1281

    • SHA256

      efa8c6ecd88a7c400ff0b28ec7e5d2052943546f4c41dc41c3702dc73e9d0756

    • SHA512

      aecad75ff510730f7c0ed3f5f260a4697eebdea2b4c292ee0da34ff32702ed6b6511e374bd707be40dd51b9b498af4534237adc09451f658fa5aba3ca6b23e4e

    • SSDEEP

      49152:YzmL+zbXEoqq1OQmf/csUgUk0WgwH20j9e7Esrp4AjE5EjwMh49cA0fAVXr15Tdy:YmLEbMIqPH20RvEW3TY

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks