Overview

overview

10

Static

static

3

KFlauncher.exe

windows7-x64

3

KFlauncher.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    KFlauncher.exe.vir

  • Size

    937KB

  • Sample

    240702-rkl59szglm

  • MD5

    edfa515fb1995ccaa53ba97259bdc552

  • SHA1

    4840b49873edc09129a3d725e861a5d3edb8924b

  • SHA256

    7d0ca7b717b408404ea0d4ce98ef1cd2947402d23a7fb8c4429d18707041396c

  • SHA512

    864d2012340b4835c22a8b8a3fd6b42b87b2f1a4d79f2d6e48883a1819a84ca427b0a9c6d73078aad15a4c1696e0e54aed7f56f68a6e00d205b4444610aafed7

  • SSDEEP

    24576:flj0NdQCg30ly0HsqzDC3UALO6FIb+ayoiWF3pw:tLEY0Hsqz+AcIbinWF5w

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      KFlauncher.exe.vir

    • Size

      937KB

    • MD5

      edfa515fb1995ccaa53ba97259bdc552

    • SHA1

      4840b49873edc09129a3d725e861a5d3edb8924b

    • SHA256

      7d0ca7b717b408404ea0d4ce98ef1cd2947402d23a7fb8c4429d18707041396c

    • SHA512

      864d2012340b4835c22a8b8a3fd6b42b87b2f1a4d79f2d6e48883a1819a84ca427b0a9c6d73078aad15a4c1696e0e54aed7f56f68a6e00d205b4444610aafed7

    • SSDEEP

      24576:flj0NdQCg30ly0HsqzDC3UALO6FIb+ayoiWF3pw:tLEY0Hsqz+AcIbinWF5w

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks