Overview

overview

10

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b2a10d42ed9b902a6a4a40b47da8448c9fa61f268f3ffb37d08bd5f5e213a0af

  • Size

    6.2MB

  • Sample

    240701-fr4s4szhkq

  • MD5

    b9265c31743db2e9698a08df7b0c5e9d

  • SHA1

    aa01367b13f827a5773d0781692809ae175bc718

  • SHA256

    b2a10d42ed9b902a6a4a40b47da8448c9fa61f268f3ffb37d08bd5f5e213a0af

  • SHA512

    1678d62ad17ce27394599f2835f3c1f209f544fdfae4c54034e7da06936768fe487a55811d9f0919018113af50153437ea0631968814910db69df0ffda36a133

  • SSDEEP

    49152:+qMb251mXUaFTyH5FYbRtQtD0gwbJBhOXg+QREJXNwrkjf5EfGd+NeDPk4A92+f9:ssyHA56IXg+TXfEfGVhgw6

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://groundsmooors.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      b2a10d42ed9b902a6a4a40b47da8448c9fa61f268f3ffb37d08bd5f5e213a0af

    • Size

      6.2MB

    • MD5

      b9265c31743db2e9698a08df7b0c5e9d

    • SHA1

      aa01367b13f827a5773d0781692809ae175bc718

    • SHA256

      b2a10d42ed9b902a6a4a40b47da8448c9fa61f268f3ffb37d08bd5f5e213a0af

    • SHA512

      1678d62ad17ce27394599f2835f3c1f209f544fdfae4c54034e7da06936768fe487a55811d9f0919018113af50153437ea0631968814910db69df0ffda36a133

    • SSDEEP

      49152:+qMb251mXUaFTyH5FYbRtQtD0gwbJBhOXg+QREJXNwrkjf5EfGd+NeDPk4A92+f9:ssyHA56IXg+TXfEfGVhgw6

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks