General
-
Target
Setup.exe
-
Size
35.4MB
-
Sample
240704-k1b7nstbrj
-
MD5
d093685e6b91fc6147052af9dee16bbf
-
SHA1
689da37e0f0cfffb50ca590a03e3d3687226d50f
-
SHA256
8ba9adaf89214c5f87f5bfd5bf1b6db6e688b5bb2bf61816e7b62c64f90a5c2f
-
SHA512
19386bd61b8e4d500cf9098f97af9c46e55da98ca80e6e199ec0d1f7b012d3fe007cbb19420093caf264126c90fa63698a926949576985d3ffdd51d97a100257
-
SSDEEP
196608:J4sY1sHqQwiBmEIz9o0bUVqnP1Cw2MqGJ/3pnOsS0pu0Fdj6G7:JE1sGbEIn9eqvOt0pu0Pj6G7
Malware Config
Extracted
lumma
https://radiationnopp.shop/api
Targets
-
-
Target
Setup.exe
-
Size
35.4MB
-
MD5
d093685e6b91fc6147052af9dee16bbf
-
SHA1
689da37e0f0cfffb50ca590a03e3d3687226d50f
-
SHA256
8ba9adaf89214c5f87f5bfd5bf1b6db6e688b5bb2bf61816e7b62c64f90a5c2f
-
SHA512
19386bd61b8e4d500cf9098f97af9c46e55da98ca80e6e199ec0d1f7b012d3fe007cbb19420093caf264126c90fa63698a926949576985d3ffdd51d97a100257
-
SSDEEP
196608:J4sY1sHqQwiBmEIz9o0bUVqnP1Cw2MqGJ/3pnOsS0pu0Fdj6G7:JE1sGbEIn9eqvOt0pu0Pj6G7
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-