lumma | 9a3245e6d3af81f8f515fca1dee9dc5e3aad9c2d263825ce975e2f2d19aa44e4

Sharing

Copy URL

Twitter E-mail

General

Target

Smartphone.Tycoon MT.rar
Size

322.2MB
Sample

230330-dl6z6sag64
MD5

9a3a981eb31f51958058ba06e6d86ec9
SHA1

0e5abd5c39b7d2eb589ca8bd09560a5448546feb
SHA256

9a3245e6d3af81f8f515fca1dee9dc5e3aad9c2d263825ce975e2f2d19aa44e4
SHA512

509cf917409b90544eafcfa3dd500af3516a473ee7a1987b669a926a6632f9e44d65a108ebc26db3b5fcd01e782e6cede7f631216145b4401aa5d0fa1ce638f9
SSDEEP

6291456:+g048SOYJUUd+hVQQbyViDKPSdjnlZMD8hOowDZMlpfP/wwLKTTTK3V6YV7:+5wqVQHDSSQhcDZMjXl+TXKFV7

Score

10^/10

Malware Config

Targets

- Target
  
  Smartphone.Tycoon MT.rar
- Size
  
  322.2MB
- MD5
  
  9a3a981eb31f51958058ba06e6d86ec9
- SHA1
  
  0e5abd5c39b7d2eb589ca8bd09560a5448546feb
- SHA256
  
  9a3245e6d3af81f8f515fca1dee9dc5e3aad9c2d263825ce975e2f2d19aa44e4
- SHA512
  
  509cf917409b90544eafcfa3dd500af3516a473ee7a1987b669a926a6632f9e44d65a108ebc26db3b5fcd01e782e6cede7f631216145b4401aa5d0fa1ce638f9
- SSDEEP
  
  6291456:+g048SOYJUUd+hVQQbyViDKPSdjnlZMD8hOowDZMlpfP/wwLKTTTK3V6YV7:+5wqVQHDSSQhcDZMjXl+TXKFV7
Score

3^/10
behavioral1 behavioral2
- Target
  
  Smartphone.Tycoon MT/IGG-GAMES.COM.url
- Size
  
  196B
- MD5
  
  882e17d630d74b64a8176e38e2fadf7f
- SHA1
  
  d6652d568db451c03b73eede688e0124e2d54ebf
- SHA256
  
  6d905d76e7d807c5831231d791f2510160dd56018ae423a037e7ac88fd19412f
- SHA512
  
  2baac743dabdbf133583c4d500699673e0bb2b2ade89f0a660eb17bfb440f1d74814ade3b82eb07d776f6a7c1b1975f25c6c1c500edc589897bc304a9c9fb3b0
Score

1^/10
behavioral3 behavioral4
- Target
  
  Smartphone.Tycoon MT/PCGAMESTORRENTS.COM.url
- Size
  
  202B
- MD5
  
  420715a04de8367bb8d37d57ce1d6d41
- SHA1
  
  710369a636391e43be7149416d8e9b390863babb
- SHA256
  
  c4d6ac03d1b51af3f4127bdd12f2317da8ebf4a7f20402f2139c61d5cf10ab23
- SHA512
  
  8737cec4730f412c18e508076d9fb7af2ab10b4b1637c70c2f76c1c6ca7bca27021cbe56dc3305a4ea7704f7ac2c6e005d02c605a4e7f9b0a709bb94cfc7f457
Score

1^/10
behavioral5 behavioral6
- Target
  
  Smartphone.Tycoon MT/README.txt
- Size
  
  338B
- MD5
  
  9b5ce4aa12b4ace2514ed3d5061a73ab
- SHA1
  
  5573211ca0c545799eb068fde7e42fc26e99fc8a
- SHA256
  
  7c28c990a190a0fd7ce7b47be461e73078e5fc5a8e7efeaae9a64cc564fb6e0a
- SHA512
  
  434bc446efe432911bbdfef8ded3f017b2b045bbb2da181a2c3fed3c416967d04044f6b387545ec09727b6f4c883df8356c3ccf5c9feee6ec0aa7793d4e9fa1d
Score

1^/10
behavioral7 behavioral8
- Target
  
  Smartphone.Tycoon MT/Redist/vc_redist.x644.exe
- Size
  
  13.9MB
- MD5
  
  27b141aacc2777a82bb3fa9f6e5e5c1c
- SHA1
  
  3155cb0f146b927fcc30647c1a904cd162548c8c
- SHA256
  
  5eea714e1f22f1875c1cb7b1738b0c0b1f02aec5ecb95f0fdb1c5171c6cd93a3
- SHA512
  
  7789eabb6dd4a159bb899d2e6d6df70addb3df239bda6f9ead8c1d2a2ac2062fce3a495814b48a3c2bec12f13800ad0703e2c61c35158b0912011b914f098011
- SSDEEP
  
  393216:xTPq5dCsKSR65cX7Eyd/qnejOX3L8T8KYfU3j:VP5iw56oyleejcL8T8fc3
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral10 behavioral9
- Target
  
  Smartphone.Tycoon MT/Redist/vc_redist.x864.exe
- Size
  
  13.1MB
- MD5
  
  1a15e6606bac9647e7ad3caa543377cf
- SHA1
  
  bfb74e498c44d3a103ca3aa2831763fb417134d1
- SHA256
  
  fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14
- SHA512
  
  e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd
- SSDEEP
  
  393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral11 behavioral12
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x64.exe
- Size
  
  5.4MB
- MD5
  
  cbe0b05c11d5d523c2af997d737c137b
- SHA1
  
  027d0c2749ec5eb21b031f46aee14c905206f482
- SHA256
  
  c6cd2d3f0b11dc2a604ffdc4dd97861a83b77e21709ba71b962a47759c93f4c8
- SHA512
  
  75280d721550c2fa19b4f8d42b87d2fc6017f42709d84d2162c7330f7a0338bbd72cdc3f78626b10edcc602e2d22b174039254824334b3173d0ea48b3c06d1df
- SSDEEP
  
  98304:hsPj6quMcylIpk4nM6tmMUrfvEP0hcKju9Z/lTPU8UBHBKNpr1w36ZyY:+PjzDJ4M6tmXDsPKi1lTPmHipJwqL
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x642.exe
- Size
  
  6.9MB
- MD5
  
  e74f5ac8f39ff69dddce07c8e1f7f943
- SHA1
  
  f283c6f14fea54441697f8d4d1d33cb5a180c20c
- SHA256
  
  4542bf0e828d4428260b2bc975da5bc25d69c060e54176dac1d14b5567ea67d1
- SHA512
  
  893ba3836e03dc14e0cb7e3da6af1cdb436dbed4beb948ec7118816e3483bc7c68ef87e5a4b200588a0f8ddedd3a79843c77a7b1ad0cd1d31df64b43066f6ca9
- SSDEEP
  
  196608:E9OaQ54oYY7jLwXjZ41OON2uk3bQWgtyccMEL:rz5x7jLXkmkU4cFe
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral15 behavioral16
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x643.exe
- Size
  
  6.9MB
- MD5
  
  53e6fd636573c63684b1a2aba4b1e19d
- SHA1
  
  393932f2f2958b9fd8b597ea7db1d82e8dd01318
- SHA256
  
  11cb1f23472e6636cc2532c82b5584f1a644b37210a8bf4c339d4f19482acf93
- SHA512
  
  b221f433806cbcede0b57ccd1e75de6d650c7895fec96731bbeb562987b15ba6d629db71cb9cc1f064579ef8ed06ed15fc2bc2014f48e53a5715837cd6e2a8aa
- SSDEEP
  
  196608:c5oyO3CCT/hBxtVtyUVnmSprzVIY7QKAV:qoywCCT/hXQQlrzF72
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral17 behavioral18
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x86.exe
- Size
  
  4.8MB
- MD5
  
  cede02d7af62449a2c38c49abecc0cd3
- SHA1
  
  b84b83a8a6741a17bfb5f3578b983c1de512589d
- SHA256
  
  66b797b3b4f99488f53c2b676610dfe9868984c779536891a8d8f73ee214bc4b
- SHA512
  
  d2d99e06d49a5990b449cf31d82a33104a6b45164e76fbeb34c43d10bcd25c3622af52e59a2d4b7f5f45f83c3ba4d23cf1a5fc0c03b3606f42426988e63a9770
- SSDEEP
  
  98304:TsPj6quMBYyuSFOMKykvYgS/ylTpHufHMpPbOZ39c7T3eeom2vJtPShg:wPjzayuSgMKykQgSaTkvMxEYT3OfPShg
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x862.exe
- Size
  
  6.2MB
- MD5
  
  f5a9debf301d714c39757965cad9ba9b
- SHA1
  
  5765fb4e23900e528746d47ef32e205c3013e9da
- SHA256
  
  4ee185ca12347324f684ae383692a880f749ae1385ba53c1b12dbd9ac3150f0d
- SHA512
  
  63c01e8e47282e2dd3cbf7081033593b3976b378e59224817dcc20a906a518622adeaa0b405dca754f172706ce5c75a39afba692618a064216e458835ecc2689
- SSDEEP
  
  98304:7hEKzHx15bWUuBrNatjJh2eNUrzKRL/RaIswn7aBOC5qZxVqFb2iExMc7FvxwGv6:7RDnuBotjJh2emr8L/YIsG7MOgqHG64/
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral21 behavioral22
- Target
  
  Smartphone.Tycoon MT/Redist/vcredist_x863.exe
- Size
  
  6.3MB
- MD5
  
  253773272d79cb515424e78547423948
- SHA1
  
  6ec62445733107785ff6f4cac25bc3fee9e7bcd1
- SHA256
  
  fd8f23c2ed640f7a4b18e55b10ef415febd83cbb8d58338ab71bee693f7e8d84
- SHA512
  
  b1c93b1f7c6641f74279a746d3db2d9a6c25786ead56574fd42046c1f4134fddd84b55455158468a31a167d6a9ce07431ef4d6b07af2ac097e6ed9335594e58a
- SSDEEP
  
  196608:ArKjLs+UIkzHlAv4X6zQRgiwHLD2LQIXG:UKjaxFFP1iLD2LnW
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral23 behavioral24
- Target
  
  Smartphone.Tycoon MT/Smartphone Tycoon.exe
- Size
  
  1.9MB
- MD5
  
  fc29756628077940742f0540bae0ae4c
- SHA1
  
  6612192e8dfd51005fc078e069c971f16b7c3b4d
- SHA256
  
  7c5a8506b85cb9a80d2af9d2106ea02a2b142f1a6289a93d7a8f9aed3f2ebf33
- SHA512
  
  5acb17b0b37d1e8df1ac528a0335a7d5e689c104bc5cc969e67fa67da9e369afd7d01d9133d3ca709f213960833089d67903fa2339498edf0e0aee502e43706f
- SSDEEP
  
  24576:DvVACJt/RbRhLqYAy1Em+cq6vlB7F84Bn6JZUlN7MxU40KbZXH05jbXT1acPrmq5:DvVnLYyNjn6JZUfr4XF0NXT4rHAAA7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  Smartphone.Tycoon MT/d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  587a415cd5ac2069813adef5f7685021
- SHA1
  
  ca0e2fe1922b3cdc9e96e636a73e5c85a838e863
- SHA256
  
  2ad0d4987fc4624566b190e747c9d95038443956ed816abfd1e2d389b5ec0851
- SHA512
  
  0fa0e89ea1c1cb27ac7f621feb484438e378a8f5675eca7a91f24e0569174bd848d470d6b3e237fe6ab27ca1eb1ecc09b5f044e53a6d98bf908e77ac511183e2
- SSDEEP
  
  49152:zjmJAksRXmBNgC9ITPPE8WHmy0HRZ+kyOzDJn5c5v5H3pqC23u6q+25omPEyXzjS:zy2Ckrj+kyOv2MJ+6q8kbqS/AF
Score

3^/10
behavioral27 behavioral28
- Target
  
  Smartphone.Tycoon MT/dxwebsetup.exe
- Size
  
  292KB
- MD5
  
  880a353dc9ab4202f2cfbec1cb37181d
- SHA1
  
  0bafee10ed68194fb332d3b46f7d92c8ad962843
- SHA256
  
  6b5c9cec68c7f3c0ba98b8d0b335f1be8ea4cd37fb02b4c81ecc1a95ef6d9578
- SHA512
  
  795db9946ac4bac6af4afcbd2e87671b45c488ea32d61daa821012f0213bde76af1d7ae395b9adfdc0fed5fd80367e232a6bc1d834e7dc9028b885fa908149d8
- SSDEEP
  
  6144:OWK8faaQMbjFtVNtHb7RGb/Mp7mgypysDVpU2drVxP:LaaQMXDFFfp7S5DbU2RP
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral29 behavioral30
- Target
  
  Smartphone.Tycoon MT/ffmpeg.dll
- Size
  
  1.3MB
- MD5
  
  74c32aeaad4d0a45a25395acb42bb7b9
- SHA1
  
  f8d1bb47c1c1b9831d999acf726e55e9497138f1
- SHA256
  
  d487eaf8d444f5f72d0afb822e97096ef168feee4b0b9ee09fe59c812969c5d9
- SHA512
  
  b688fe3d45e31649883652900a470b10081c8109e720822194de764ee311aba8a24dc56b0799e07168d612bddb2d280c141d5bed2dc17eff7905550ec445c9cd
- SSDEEP
  
  24576:723uIlxSnEWR3EjvjfD5Z7kM4p4UG6wn+BKhykOMODT:clBWMjr5Zv4p1wnVXOMOD
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks installed software on the system

Loads dropped DLL

Checks installed software on the system

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Checks installed software on the system

Loads dropped DLL

Checks installed software on the system

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Checks installed software on the system

Loads dropped DLL

Checks installed software on the system

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32