Overview

overview

10

Static

static

7

edbfdd04d1...5a.exe

windows7-x64

7

edbfdd04d1...5a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16b332205d167a6a6f76c5293aa8f201.bin

  • Size

    23.5MB

  • Sample

    240630-blngqavdkn

  • MD5

    335fa332b3cc37894a10497f8c4081c8

  • SHA1

    4ae93c5fecf5a7d1e2a56f4df275b43d17a0243a

  • SHA256

    aefbc64eff72eb869e159549c610f256e2cf09f38bcd7e9f9352402cc51cd7cb

  • SHA512

    1978ec6f1bbb3632d9d9b9cd84c2ac2481a92a970f7ec545e295081e9fd522d53b07936d68c851605cf4c7fcb991c3035111800bac339ba68bf84d24fd751d19

  • SSDEEP

    393216:HpVqFKltNKwpeTg4EkCLskEtcuCCd+N68FxMz/Wh9dmXIgUnumOjL1ezJwph:IUzT2EpLsht6Cd+NtxMzukX/UumMJeVe

Score
10/10
lummastealerupx

Malware Config

Extracted

Family

lumma

C2

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      edbfdd04d154060b82f386191ba772e0b9122e2f82a4e3c0e3ddf65fc7a8b55a.exe

    • Size

      24.4MB

    • MD5

      16b332205d167a6a6f76c5293aa8f201

    • SHA1

      40c0fba9107d270cf006f58f4fecc9742f806a2b

    • SHA256

      edbfdd04d154060b82f386191ba772e0b9122e2f82a4e3c0e3ddf65fc7a8b55a

    • SHA512

      ff18c351f1f86134f79a535eb5f6045c5dfdf3ab9e632d15a5266c86e25c0cd675a88f457a99f3ae6a92d0929d35f703a366b0d11fac1ffaa09e6f44f39e11f5

    • SSDEEP

      393216:Z8V2nhTIrvYzEWmn+FBhwFDbllTqkl6eFh3zZNgni9HkHxHLCA9arP1A0+3ERPWy:OV2h2QzE0FTIpt6eFl1NykmxeS3u

    Score
    10/10
    upxlummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks