General

  • Target

    427417924d91dc02a6fd37560db62e8a32ecf0325fae36284b068114dc396254_NeikiAnalytics.exe

  • Size

    417KB

  • Sample

    240701-j5bk9sthmp

  • MD5

    894f13cffc8eb730cfa9101564542d60

  • SHA1

    b54cdbd4cf70d7377e66cf66627b0b5ae59b4ade

  • SHA256

    427417924d91dc02a6fd37560db62e8a32ecf0325fae36284b068114dc396254

  • SHA512

    a80037be6638e923c3f4cc512d01604a2ca925f991f81f00ea2e47c9b636f42c5e16a081a92ef64e0daf50f66fce0a93eac7eb13461f2b8583059c68527712c9

  • SSDEEP

    12288:GoGjz7YONFt7DtygOJEITNLL3CEJwK/nK0ag4bl3M5NJGYQMor1x38o:GoGPUctFyT

Score
10/10

Malware Config

Extracted

Family

lumma

C2

  • https://piedsiggnycliquieaw.shop/api

  • https://potterryisiw.shop/api

  • https://foodypannyjsud.shop/api

  • https://contintnetksows.shop/api

  • https://reinforcedirectorywd.shop/api

Targets

    • Target

      427417924d91dc02a6fd37560db62e8a32ecf0325fae36284b068114dc396254_NeikiAnalytics.exe

    • Size

      417KB

    • MD5

      894f13cffc8eb730cfa9101564542d60

    • SHA1

      b54cdbd4cf70d7377e66cf66627b0b5ae59b4ade

    • SHA256

      427417924d91dc02a6fd37560db62e8a32ecf0325fae36284b068114dc396254

    • SHA512

      a80037be6638e923c3f4cc512d01604a2ca925f991f81f00ea2e47c9b636f42c5e16a081a92ef64e0daf50f66fce0a93eac7eb13461f2b8583059c68527712c9

    • SSDEEP

      12288:GoGjz7YONFt7DtygOJEITNLL3CEJwK/nK0ag4bl3M5NJGYQMor1x38o:GoGPUctFyT

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
