lumma | 0628c7952099fcd105059b5c8d3750567e6a2378124d2fb72b56d467809cfd34 | Triage

Submit
Reports

Overview

overview

Static

static

1

TUNIC Trai...up.exe

windows7-x64

TUNIC Trai...up.exe

windows10-2004-x64

Resubmissions

13-03-2023 17:23

230313-vycersdd7z 10

Sharing

General

Target

TUNIC Trainer Setup.exe
Size

141KB
Sample

230313-vycersdd7z
MD5

09cc739c0d7dba742399b097e9045e05
SHA1

30c4c3ed5fdfba59f378480a711b6e3abed4e28e
SHA256

0628c7952099fcd105059b5c8d3750567e6a2378124d2fb72b56d467809cfd34
SHA512

e9c4ec97e72f18cc02869d2195f19f018e08184d9fcafd8ae2eadd16591176c6423794adfbc2d89cd93626c26090e83a846db0f6c8300163cea8f76b02b093a0
SSDEEP

3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt

Score

10^/10

lumma discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

TUNIC Trainer Setup.exe

Resource

win7-20230220-es

lumma discovery stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

TUNIC Trainer Setup.exe

Resource

win10v2004-20230220-es

lumma discovery stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  TUNIC Trainer Setup.exe
- Size
  
  141KB
- MD5
  
  09cc739c0d7dba742399b097e9045e05
- SHA1
  
  30c4c3ed5fdfba59f378480a711b6e3abed4e28e
- SHA256
  
  0628c7952099fcd105059b5c8d3750567e6a2378124d2fb72b56d467809cfd34
- SHA512
  
  e9c4ec97e72f18cc02869d2195f19f018e08184d9fcafd8ae2eadd16591176c6423794adfbc2d89cd93626c26090e83a846db0f6c8300163cea8f76b02b093a0
- SSDEEP
  
  3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt
Score

10^/10

lumma discovery stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

© 2018-2024

Terms | Privacy