Overview

overview

10

Static

static

1

Cheat.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cheat.zip

  • Size

    50.5MB

  • Sample

    240629-t73gwa1eqf

  • MD5

    d52276dc06c94488225745c77164b851

  • SHA1

    1daa41d4a530495e3330cdb02c9c68aecf4851ea

  • SHA256

    4da4f79df8c557f7aff954656c0f57de9aa4e612689d416121c9040202e1535c

  • SHA512

    3475dd3c4e91811d9549d0805756ce7db6df825c0a2e01999f8d39266cc2fc64ab1d8ce573df456315ee05c17111d1f41dabc99ed8c86bac6fca4b1e71fadde6

  • SSDEEP

    1572864:9UgurkcyRRZpcfN22PSXOX+rMSaPWR4yPP1FIrtkYa:9n8kce3cfN2GSXqPWyiUZkB

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://bitchsafettyudjwu.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      Cheat.zip

    • Size

      50.5MB

    • MD5

      d52276dc06c94488225745c77164b851

    • SHA1

      1daa41d4a530495e3330cdb02c9c68aecf4851ea

    • SHA256

      4da4f79df8c557f7aff954656c0f57de9aa4e612689d416121c9040202e1535c

    • SHA512

      3475dd3c4e91811d9549d0805756ce7db6df825c0a2e01999f8d39266cc2fc64ab1d8ce573df456315ee05c17111d1f41dabc99ed8c86bac6fca4b1e71fadde6

    • SSDEEP

      1572864:9UgurkcyRRZpcfN22PSXOX+rMSaPWR4yPP1FIrtkYa:9n8kce3cfN2GSXqPWyiUZkB

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks