lumma | adc78ea409d4947dc9e69b45f3bee39f5bac08065d09d693f5ef7396028c6133 | Triage

Submit
Reports

Overview

overview

Static

static

3

505b85f9ec...15.exe

windows7-x64

505b85f9ec...15.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

505b85f9ec13a6acd702bc19fd8e2115
Size

2.1MB
Sample

240110-mxejqsdhhm
MD5

505b85f9ec13a6acd702bc19fd8e2115
SHA1

347aa9c5bfec34b0430d30e356149cee1007d228
SHA256

adc78ea409d4947dc9e69b45f3bee39f5bac08065d09d693f5ef7396028c6133
SHA512

431006527007b15910795bcde3f7e1838bcdb43665a68b3f563ba512c36fbfa45e177cc7fb941f5517e0fa6870c0d315db90b90ca7b013d7a79f1b4008188e78
SSDEEP

24576:EzMig4itQi3SwR1lLYezFf0bor7mOUyHw4LYK8i33V8m0cgnxWs:UMig4iRiwZLdzVPpQ4Lz8G3V8m0hxWs

Score

10^/10

lumma metasploit backdoor stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

505b85f9ec13a6acd702bc19fd8e2115.exe

Resource

win7-20231215-en

lumma metasploit backdoor stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

505b85f9ec13a6acd702bc19fd8e2115.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  505b85f9ec13a6acd702bc19fd8e2115
- Size
  
  2.1MB
- MD5
  
  505b85f9ec13a6acd702bc19fd8e2115
- SHA1
  
  347aa9c5bfec34b0430d30e356149cee1007d228
- SHA256
  
  adc78ea409d4947dc9e69b45f3bee39f5bac08065d09d693f5ef7396028c6133
- SHA512
  
  431006527007b15910795bcde3f7e1838bcdb43665a68b3f563ba512c36fbfa45e177cc7fb941f5517e0fa6870c0d315db90b90ca7b013d7a79f1b4008188e78
- SSDEEP
  
  24576:EzMig4itQi3SwR1lLYezFf0bor7mOUyHw4LYK8i33V8m0cgnxWs:UMig4iRiwZLdzVPpQ4Lz8G3V8m0hxWs
Score

10^/10

lumma metasploit backdoor stealer trojan
- Detect Lumma Stealer payload V4
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lummametasploitbackdoorstealertrojan

behavioral2

© 2018-2025

Terms | Privacy