Overview

overview

10

Static

static

3

Adobe.Acrobat.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Adobe.Acrobat.zip

  • Size

    16.3MB

  • Sample

    240701-zlj2asyemb

  • MD5

    9baa8a41aeb5a6c34847f8b1cfa2ba79

  • SHA1

    4f8817434ec0953f209c2d35f2b639298cb578ff

  • SHA256

    eeb450b3e67b89cdbe829578448c2614a25bc300270c6684fa10e4b453614a7e

  • SHA512

    cd0de0b769ea8f0c5d80d7f86c71eb875e89f2793f3d8b171a84a4629da292aabd5fe165962266f7e9fa72115fa104fbc97b31573a724097e54ad00fcd90546f

  • SSDEEP

    393216:eCaHw/Aeu+TLYuWrSDyv9+VXC5DhY2/8r4WB7OmLPIYVpg:eCyy/LTLjWrSDk9ECM2/o4WBkEu

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://groundsmooors.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      Adobe.Acrobat.zip

    • Size

      16.3MB

    • MD5

      9baa8a41aeb5a6c34847f8b1cfa2ba79

    • SHA1

      4f8817434ec0953f209c2d35f2b639298cb578ff

    • SHA256

      eeb450b3e67b89cdbe829578448c2614a25bc300270c6684fa10e4b453614a7e

    • SHA512

      cd0de0b769ea8f0c5d80d7f86c71eb875e89f2793f3d8b171a84a4629da292aabd5fe165962266f7e9fa72115fa104fbc97b31573a724097e54ad00fcd90546f

    • SSDEEP

      393216:eCaHw/Aeu+TLYuWrSDyv9+VXC5DhY2/8r4WB7OmLPIYVpg:eCyy/LTLjWrSDk9ECM2/o4WBkEu

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks