Overview

overview

10

Static

static

3

KFlauncher.exe

windows7-x64

3

KFlauncher.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    KFlauncher.exe.vir

  • Size

    951KB

  • Sample

    240701-rdegvayhjk

  • MD5

    d65785e1e76547552955064edd0d4f32

  • SHA1

    cf770d9d246fdfb78b8d677bb57e3fa96140ff88

  • SHA256

    11da7ad8b535d9071b1a7989c51c62ad74512fec29fe0e313d7873b73e8e1621

  • SHA512

    d57f1842c26b6010efa97369aeb36e8c638f605604986027106e3a628db79b658338e9f14a3885da7b664c402ff0e42811e45e97d238d874011fa9287d346eec

  • SSDEEP

    24576:feVodQCtwOpHZWh2lUJ73SoTqltTwuDat3cjCiTwMPa:rwOpHZWh6/QqltqriTG

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      KFlauncher.exe.vir

    • Size

      951KB

    • MD5

      d65785e1e76547552955064edd0d4f32

    • SHA1

      cf770d9d246fdfb78b8d677bb57e3fa96140ff88

    • SHA256

      11da7ad8b535d9071b1a7989c51c62ad74512fec29fe0e313d7873b73e8e1621

    • SHA512

      d57f1842c26b6010efa97369aeb36e8c638f605604986027106e3a628db79b658338e9f14a3885da7b664c402ff0e42811e45e97d238d874011fa9287d346eec

    • SSDEEP

      24576:feVodQCtwOpHZWh2lUJ73SoTqltTwuDat3cjCiTwMPa:rwOpHZWh6/QqltqriTG

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks