Overview

overview

10

Static

static

3

github.sof....8.exe

windows7-x64

3

github.sof....8.exe

windows10-2004-x64

10

github.sof....8.exe

windows11-21h2-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    github.software.1.1.8.exe

  • Size

    526KB

  • Sample

    240627-yc3avazakr

  • MD5

    87f9b840bb41a3488601bbb3e4e1fbd7

  • SHA1

    843df85b4df246a97bb93124f2d3bc8a35845792

  • SHA256

    5fbd74b727784725db522b21fb0b291ceaa9f99082f238c8b27977e2ab34d785

  • SHA512

    185180b8dfad633114e21c8ae00d164175634b797f9e4e9ff7a961fce4cf2cfee1edd335a97105aa49f40618eb403b5721ae264552d40245de8aa9a4010adb0a

  • SSDEEP

    12288:dV8l+nZJDPijrLnL999fn6nVwt9suceSUvnpuY9:dmoZJji3LnL999fn6nVwvsuceSsp

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://harmfullyelobardek.shop/api

Targets

    • Target

      github.software.1.1.8.exe

    • Size

      526KB

    • MD5

      87f9b840bb41a3488601bbb3e4e1fbd7

    • SHA1

      843df85b4df246a97bb93124f2d3bc8a35845792

    • SHA256

      5fbd74b727784725db522b21fb0b291ceaa9f99082f238c8b27977e2ab34d785

    • SHA512

      185180b8dfad633114e21c8ae00d164175634b797f9e4e9ff7a961fce4cf2cfee1edd335a97105aa49f40618eb403b5721ae264552d40245de8aa9a4010adb0a

    • SSDEEP

      12288:dV8l+nZJDPijrLnL999fn6nVwt9suceSUvnpuY9:dmoZJji3LnL999fn6nVwvsuceSsp

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks