lumma | deab75d2e89891239e839490152f1149158b33cff13ee446928e7d3d67fc8ecb | Triage

Sharing

General

Target

NewVersionUnlimited.rar
Size

17.7MB
Sample

230417-wg8x3sfd68
MD5

ebd4ac39f75a38b68e321d4fea001527
SHA1

d5d49f77085bbded4f689f25814e42e7c0e99e37
SHA256

deab75d2e89891239e839490152f1149158b33cff13ee446928e7d3d67fc8ecb
SHA512

fa8612809a3adca29b2ce817a9de5d3dc6766199317306335eabf75ff06f99f601ffe37b55cac9dcc5b445e097367b78958b497d45337fdf1ddc9f2f94ab934d
SSDEEP

393216:Krgh7Yznyz6HgD9j/A6/HeH8Di4eJoMw58DSY37tZLYHQgUJ4YKe2Z:K8lEy+a9c6lWS5MxYfFeG

Score

10^/10

lumma discovery spyware stealer

Malware Config

Targets

- Target
  
  NewVersionUnlimited/Desktop_Full/Setup_x64.exe
- Size
  
  960.0MB
- MD5
  
  8801c44f20d810411e5015d9bb1cfb01
- SHA1
  
  0211ae7e82a190097c431cc6aa766bbd6d9cf4a9
- SHA256
  
  31859d5fe22e7fe5bdcc031c27700fc673f2faa72818f31af70f634e91fcea04
- SHA512
  
  0d563e9fa5becb8f1bc39e05c91ea51fdd6302d5b41e3e6d893188a065493c0a1e9f81cb4f9d04c5ca424068ac3a7c49c1ae23780e304c51ba2df416a63db3f4
- SSDEEP
  
  12288:zQG3z3XrM0eByOYtjBoE9k2FJGvnPCsyyceGUZTTDFw8IvD8opkNMf4CMON1:zRz37oYOE9DJmnPCZycUZTTM1kstJ
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  NewVersionUnlimited/Desktop_Full/app.dll
- Size
  
  121KB
- MD5
  
  768a1c4e4fc28a2c8addd11e70f824a4
- SHA1
  
  b7ed732e19a37fe248d0d7934ceb9944f4e5bcad
- SHA256
  
  f1d56cdfc9c7761b3fd1cd7dc9dd98c6c0494fc525d970c4d8df1e1b32ccc9be
- SHA512
  
  4582b50a063f2507fec67ca7749b3405e2f60692094aa510a9bb8778d0ef2b156f6c9837e79dc2a41cf03e92caac721d5052319a96aee184a3db465aa053d5fe
- SSDEEP
  
  3072:6Ep7lUDfjvMyJfZOG6p/VtW+AtpFrpqpqpvKINZ4F49Sp6gxy:6EXUDfjvpBqttg/93
Score

1^/10
behavioral3 behavioral4
- Target
  
  NewVersionUnlimited/Desktop_Full/configs.dll
- Size
  
  471KB
- MD5
  
  ee220e800cb5af38e60f26b51999b105
- SHA1
  
  194c0891d7a9cec5fd8f4af5e9dd9ef28a967053
- SHA256
  
  08430abbc4eabd0615f42286038bac373f24ac8fe1117b2e304428bab7e143fd
- SHA512
  
  b776e9457f5ccf367aecf0816152602c5bfc206322d7e1134a2fd23673d51c4427a4b54fe35f4079c6470c06d2bfadd2b1ef5541dde7ea1f17be842d184978a8
- SSDEEP
  
  6144:/KK400WTwtX+fGPufBERUtk+Q4kiwoF0YG+L2Wf/xLu6:/5fiufqeBEHgGpY2Wf/dL
Score

3^/10
behavioral5 behavioral6
- Target
  
  NewVersionUnlimited/Desktop_Full/locales/props.pdf
- Size
  
  4.8MB
- MD5
  
  14be1a795384cd395c1bdfa709444e5e
- SHA1
  
  13d06e5790c5715353f12e09e031e7d9d0e2cfff
- SHA256
  
  9c4d05e68cb5c25b6d0e72c6b623225eae8228c19d9aa47e3d1619ec6282ae11
- SHA512
  
  79ef92e41a80f9f097f3b399bc82f6e5a525138e36d84762ca6b0555c87c867dee6a2920042977f5fde1dad2c678d1d8a046813a0686e2b94cc8abd381e341ba
- SSDEEP
  
  98304:DTlgXoy8gKaDgoBbzlyAPYyR5IMc56mnAepeSb0SRSn/B:Dhqoy8gBDgojyAPY8mnAKbvInJ
Score

1^/10
behavioral7 behavioral8
- Target
  
  NewVersionUnlimited/Desktop_Full/modules.dll
- Size
  
  907KB
- MD5
  
  dc05f0b8f1a32e872721d3486e6332b8
- SHA1
  
  dbf055b0f934640fadcfaa93971fead8df7a3869
- SHA256
  
  37ec5f998a5c376d4fcd4342b43a4163d1f043e0f7711e46677cd30013882723
- SHA512
  
  0f89d713237ef11a1ef8d824ad9767bb13fb4f5f334acdd65af0ba6e54cec4a910398636683254b3fe4d46a069a1781187313684ff827a907b8b968134f6efa0
- SSDEEP
  
  24576:z0OY4ZFajHYDTR2yfVbf+c6Z5WODYsHh6g3P0zAk75:z0CZFaj4HR2yfVbd6Z5WODYsHh6g3P03
Score

3^/10
behavioral10 behavioral9
- Target
  
  NewVersionUnlimited/Desktop_Full/platforms/qwindows.dll
- Size
  
  1.4MB
- MD5
  
  ac584cbeb327e9d2364873f451e074be
- SHA1
  
  eb2d7b7f38c880ae4bc4f32c50e10e73ee15c816
- SHA256
  
  1fa4d2f13d22d9a859503d7b7c87ba39d379d9a14afcea7299d572eabb2bdf57
- SHA512
  
  4fca1fa9494799f382318d329a3040bc067d55e7cd99be6d768e975fb585f61f8c1360908284bb04c055dcf21a164464305e9255d52b1c57a0cfc49eea003203
- SSDEEP
  
  24576:X/JCM63NAI9HwxZ3tVuItJKLOlxrbzxTbhE3Yd3ZAX2NyX:XxlAL9Hw73aItqOPDxPUY4X
Score

1^/10
behavioral11 behavioral12
- Target
  
  NewVersionUnlimited/Desktop_Full/res/langs/Hungarian.ini
- Size
  
  107KB
- MD5
  
  7591df7fae4342cbc7a0706e1b28e87b
- SHA1
  
  825e88ad498e8713522f5aef3b21ee01d6fa8b41
- SHA256
  
  fe9997629d296908247a2e82da6c369e2ea7eb4c87b12fc7c8d3ecb3e6fc320d
- SHA512
  
  8f58c6fbaf5ea140a3ecbbc88cbf4bdd0e0ba3fbdf169f4b7cb831094a47a6ead103f89fc07748f91d1396ebd13c7ebcc90a316f0eb203ff4c86a50be5cd3ca4
- SSDEEP
  
  3072:UaKBsDgGod8NAH4iyf8kXrLfKgL6YhL+L3yGU:73X
Score

1^/10
behavioral13 behavioral14
- Target
  
  NewVersionUnlimited/Desktop_Full/res/langs/Korean.ini
- Size
  
  91KB
- MD5
  
  efae0c78be2abe2920c78b9d4785ab45
- SHA1
  
  8c0799fb68852cb071bbe260deb4ab357bd5f4ed
- SHA256
  
  ad556989f6e4a683d9668e41d2d7175b7b46847c2eef26188b9075fc600d0132
- SHA512
  
  44737be4d4bd0f93ca3e986c89102612932f3749b8e9b89446a567cff60ceb856b4bd7380da7fe3f1809579e6ec2162d0cdd4a217935a4961c6b36a482dd4ac8
- SSDEEP
  
  768:wPYhkzQl6qE7rY+xuPAsyKVmq8Ag8lyWqFk5ziCfsg8S+EZNlWJ7lxyBiCWfbMav:HSzQlc7siCmq8AFlBmLfbNA2Nt7osVP
Score

1^/10
behavioral15 behavioral16
- Target
  
  NewVersionUnlimited/Desktop_Full/resources/talpid_openvpn_plugin.dll
- Size
  
  3.5MB
- MD5
  
  b4afe105cc0e654d1edc41489ab709c4
- SHA1
  
  069781d90383978973e7afa6b9f1b730d781235e
- SHA256
  
  e0d947b7041d90eae87e6898822787bdc8452b8a403c42de901e46a0a04c46cd
- SHA512
  
  fff37ae7bdd3a86fa7a955b9acca812e1616dbdaac2c88f910706fd298457a981d526b7af25e7d810799e1718240f1a28bc4be2bcbc8d68dc3211707db92d573
- SSDEEP
  
  49152:0X6/nC0NttPHG8BWULqD0eBcLN6F1Vm15m56pi1APaVBZpDO+kGDYpb:FdXm8BWULqYTOBJkGs
Score

3^/10
behavioral17 behavioral18
- Target
  
  NewVersionUnlimited/Desktop_Full/resources/windns.dll
- Size
  
  332KB
- MD5
  
  552219fdd9173b217aba3db68df04e3e
- SHA1
  
  dbf9e53fb8b2e03d56ffc7eb04b762b5f8042e10
- SHA256
  
  da43d5afa635f7aca161547b7b668cbb60c3aeb5da6489b826d461ac7971b266
- SHA512
  
  01350c5d32a663d01f0356d4733a35a9706a4f9c2c970096c95a68f4de07892b1247f1a997270b9ce7483385e29ccb8f86a9faa40632ac1d69defad7e79238bc
- SSDEEP
  
  3072:7ffmEV5hr5tbloQPoFjGTwS6p7s8dZeZ77Pahm6IBaIWyeQBAQAXLSoY46wAmRmF:Oc50LdAZ77Pa36eQVA2ohhv0N
Score

1^/10
behavioral19 behavioral20
- Target
  
  NewVersionUnlimited/Desktop_Full/resources/winfw.dll
- Size
  
  466KB
- MD5
  
  215a14fcba6a740fd2388123fae7389f
- SHA1
  
  3004e0a464412c212d13a04edfccf6747c16670d
- SHA256
  
  525b50a6c71f45e5472a8924d315e92ba5d1ede10ad19404eae9c5cc6e0df780
- SHA512
  
  25fd7ef88ce5a877451eede3b010df2c612b48f6c25a0f8fdc1820800ef47e9eb43ae5d85efb07528ed6c66a421c8ae52f240525209fd8662dfdfb037a88826a
- SSDEEP
  
  6144:h7qIzPZo2y3Td+UOJ9zw8MvjmjJ8kohKz2KRjri50:UIzPZM+Ls8+Yqko4p5/
Score

1^/10
behavioral21 behavioral22
- Target
  
  NewVersionUnlimited/Desktop_Full/resources/winnet.dll
- Size
  
  453KB
- MD5
  
  9cbc92d962c6c25656758363c7eb1f03
- SHA1
  
  a0202404f0e8d0eddfa928f55295a5ac09203340
- SHA256
  
  231b2781179a97b353179c330ab7fe244258dc2bc5ccd006f5d0f03436e27d5b
- SHA512
  
  ca7ba95a26ebb5e814ac4a54b9d8bba043688483b38b877d40e09644c840a54aa94c122032369e7fa42a29308673d0c5f56c57f8080de535e4cea8b287baf972
- SSDEEP
  
  6144:7agIZ9/MuoWsz7qR828KLe4No+7oSDThyhVWmlynXoh4I3x95iGo:7G0z7qRtC4NvbQsXojZTo
Score

1^/10
behavioral23 behavioral24
- Target
  
  NewVersionUnlimited/Desktop_Full/resources/wintun.dll
- Size
  
  712KB
- MD5
  
  530aabf98f4e6deb74c4b2af7f31b6b1
- SHA1
  
  21b4749d835b0f570a28bb1adee14aea561126d2
- SHA256
  
  8a0581991caf829cd92b27aabcb2bab618cc8fbc887d8f86a533c95d2e3f17d4
- SHA512
  
  a5f6ca949a105696e7b96c0617189c823b919c14f1ce6111302c3a90f70e5bacf1c7835ec422b6d20b339d76ffd338a008ebcb7e6fe383915747d15cd8490b55
- SSDEEP
  
  12288:LAVTLwnjv4ENcWpYAFjIxzy6hr/O0HysdYz/OwcV+q:e3e45mDyyg2lcV+q
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoveryspywarestealer

behavioral2

lummadiscoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26