Behavioral task: behavioral1
Sample: 0ffabe170a6af62d45d473983cead3e6.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 0ffabe170a6af62d45d473983cead3e6.exe
Resource: win10v2004-20231215-en
General
- Target: 0ffabe170a6af62d45d473983cead3e6
- Size: 2.8MB
- MD5: 0ffabe170a6af62d45d473983cead3e6
- SHA1: d8a191d949de7fa1a18b42e146461a455bf13fcb
- SHA256: e05d0054c7b7f93178065fc2002ee09a39475080d9e386d398623d81965622a8
- SHA512: 0d2df666ae8b141da769353d7a50bd2a94917281341fd6eaecfff9afb9fc1923db0dfdd02c0ef3ebc85bd7e609518d1ad90dc7ba9891d455e0861a16cebb31c8
- SSDEEP: 49152:/XLPvEOBj/kE1+xXd7XiG1Qm+kB28S7ugdZBUXkgd0iT6mDBerm:/TvbJEdTiG1QXkI8S7VZBUXp3T5DEr
Malware Config
Signatures
- Detect Lumma Stealer payload V4 (1 IoC)
  resource: yara_rule, sample: family_lumma_v4
- Lumma family
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 0ffabe170a6af62d45d473983cead3e6
Files
- 0ffabe170a6af62d45d473983cead3e6.exe (windows:5, windows x86, arch:x86)
  19f3aac12350c3fbea91f4db0d2052d7
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetVersion
GetConsoleCP
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetFileType
SetStdHandle
HeapSize
ExitProcess
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
DeleteFileA
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
GetCurrentDirectoryW
GetFileTime
GetFileSizeEx
SetErrorMode
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetThreadLocale
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
FreeLibrary
GetCurrentProcessId
GetModuleHandleA
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrcmpA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
lstrcpyW
CreateMutexW
OpenMutexW
CreateProcessW
CloseHandle
WriteFile
SetFilePointer
GetFileSize
CreateFileW
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentProcess
FindClose
GetFileAttributesW
FindFirstFileW
GetModuleFileNameW
Sleep
WinExec
lstrcmpiW
lstrlenW
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExW
GetCurrentThread
user32
SetCursorPos
DrawFrameControl
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
EnumChildWindows
LockWindowUpdate
SetClassLongW
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
WaitMessage
SetParent
GetSystemMenu
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
UnregisterClassW
LoadCursorW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
CharUpperW
CreateDialogIndirectParamW
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
IsDialogMessageW
CheckDlgButton
SetRectEmpty
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
EnableScrollBar
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
UnhookWindowsHookEx
IntersectRect
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
GetMenuStringW
MapVirtualKeyW
GetKeyNameTextW
PtInRect
ScreenToClient
KillTimer
IsWindow
GetFocus
SetWindowLongW
LoadMenuW
IsWindowVisible
UpdateWindow
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
CharUpperBuffW
SetWindowTextW
SetTimer
ReleaseCapture
GetCursorPos
SetCapture
DrawIcon
IsIconic
LoadIconW
FrameRect
LoadImageW
GetIconInfo
CopyIcon
SubtractRect
GetDoubleClickTime
GetWindowRgn
BeginDeferWindowPos
GetMenuItemInfoW
DrawTextW
GrayStringW
DrawTextExW
TabbedTextOutW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
InsertMenuW
ModifyMenuW
EnableWindow
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
DestroyCursor
GetWindowLongW
SendMessageW
IsMenu
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
ClientToScreen
WindowFromPoint
GetActiveWindow
GetWindowRect
PostMessageW
InflateRect
DrawFocusRect
GetClientRect
OffsetRect
DrawStateW
gdi32
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
CreateEllipticRgn
CreatePolygonRgn
Polyline
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
OffsetRgn
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
GetClipBox
GetBkColor
GetTextMetricsW
GetDCOrgEx
CombineRgn
SetRectRgn
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExtFloodFill
ExtTextOutW
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
CreateRectRgnIndirect
CreateRectRgn
CreateFontW
GetMapMode
SetMapMode
DPtoLP
StretchBlt
SetStretchBltMode
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Rectangle
CreateHatchBrush
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
BitBlt
CreateFontIndirectW
PtVisible
RectVisible
TextOutW
GetDeviceCaps
CreateSolidBrush
CreatePen
GetBkMode
CreateCompatibleBitmap
ExcludeClipRect
Escape
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegEnumKeyExW
RegQueryValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
shell32
SHBrowseForFolderW
ShellExecuteW
Shell_NotifyIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
SHAppBarMessage
ShellExecuteExW
SHGetPathFromIDListW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
OleIsCurrentClipboard
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
DoDragDrop
OleGetClipboard
CoUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
CoGetClassObject
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
oleaut32
SysFreeString
SysStringLen
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
wininet
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetQueryDataAvailable
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
winmm
PlaySoundW
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
- .text: Size 1.3MB, Virtual size 1.3MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata: Size 323KB, Virtual size 323KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data: Size 26KB, Virtual size 89KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc: Size 1.0MB, Virtual size 1.0MB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc: Size 154KB, Virtual size 154KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)