lumma | 6d69b17bda1ff9f48b17c493291a93d5f98d0ae2395d326cdbae41c96d3ccd87 | Triage

Submit
Reports

Overview

overview

Static

static

3

YuQu Loade...G).zip

windows7-x64

7

YuQu Loade...G).zip

windows10-2004-x64

Resubmissions

29-06-2024 03:36

240629-d54zxstbmq 10

28-06-2024 13:39

240628-qygbhasdle 10

28-06-2024 13:29

240628-qq9yvavdjm 3

Sharing

General

Target

YuQu Loader.rar (USE ONLY IF NOT WORKING).zip
Size

117.4MB
Sample

240629-d54zxstbmq
MD5

3ea9457e45cbb04a30aa8ae12ab71891
SHA1

26259b9ec0d8d32a003ec64060672aaf27beae85
SHA256

6d69b17bda1ff9f48b17c493291a93d5f98d0ae2395d326cdbae41c96d3ccd87
SHA512

f60abc13879eb2d488b4885c36d77e96f398f55c5f181006e5c9a4e8bb1686f5c584c99fcf57482fe521d81fb9b46e5ec5ec6f1e1acaa24500585d54fa674aa1
SSDEEP

3145728:2hJPhl2pXF40X0xnav4as6dpfp9M3cOPyc:2DPLcmMLs6np9MJ

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

YuQu Loader.rar (USE ONLY IF NOT WORKING).zip

Resource

win7-20240508-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

YuQu Loader.rar (USE ONLY IF NOT WORKING).zip

Resource

win10v2004-20240611-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://extorteauhhwigw.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

- Target
  
  YuQu Loader.rar (USE ONLY IF NOT WORKING).zip
- Size
  
  117.4MB
- MD5
  
  3ea9457e45cbb04a30aa8ae12ab71891
- SHA1
  
  26259b9ec0d8d32a003ec64060672aaf27beae85
- SHA256
  
  6d69b17bda1ff9f48b17c493291a93d5f98d0ae2395d326cdbae41c96d3ccd87
- SHA512
  
  f60abc13879eb2d488b4885c36d77e96f398f55c5f181006e5c9a4e8bb1686f5c584c99fcf57482fe521d81fb9b46e5ec5ec6f1e1acaa24500585d54fa674aa1
- SSDEEP
  
  3145728:2hJPhl2pXF40X0xnav4as6dpfp9M3cOPyc:2DPLcmMLs6np9MJ
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy