lumma | e005ee700180717d8428c468522781fe

Sharing

Copy URL Twitter E-mail

General

Target

e005ee700180717d8428c468522781fe
Size

1.1MB
MD5

e005ee700180717d8428c468522781fe
SHA1

3b753caa6e01668d3b5f4bb177b1cdd670c2d56e
SHA256

af7cdd5e7699e1c190b9ac4a9c6373aa71f68fd3e847934e7b4de8343c549702
SHA512

0969536512f92b19f99c2cc9afdb0524aa23bc9cc592d668dbe68e798d494b98e8d880ad99df1fa42ef50756712ee40f5bcad6d80f354db83bfd5a0d3af91afe
SSDEEP

6144:qG70EaSutCxAKm+oqZLD16436vUw79zcuJho7tWsk:qG7ISutCxhP5gzNG7tJ

Score

10^/10

lumma

Malware Config

Signatures

Detect Lumma Stealer payload V4 1 IoCs

resource	yara_rule
sample	family_lumma_v4

Lumma family
lumma

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e005ee700180717d8428c468522781fe

Files

e005ee700180717d8428c468522781fe
.exe windows:4 windows x86 arch:x86

4100c66eaff55ea6b64db0d8c60bf6e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
setsockopt
bind
listen
select
__WSAFDIsSet
accept
inet_addr
htons
recv
send
socket
ioctlsocket
connect
closesocket

kernel32

MapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
ExitThread
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetSystemDirectoryA
GetLocalTime
MultiByteToWideChar
ReadFile
CloseHandle
WriteFile
TransactNamedPipe
CreateFileA
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
GetLastError
CreateThread
GetFileSize
GetFileAttributesA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
FindFirstFileA
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FreeLibrary
GetEnvironmentVariableW
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
VirtualQueryEx
ReadProcessMemory
GetSystemInfo
OpenProcess
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
CreateProcessA
ExpandEnvironmentStringsA
SetFileAttributesA
GetTempPathA
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
GetVersionExA
GlobalMemoryStatus
ExitProcess
WideCharToMultiByte
GetComputerNameA
DeleteFileA
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
TerminateThread
MoveFileA
TerminateProcess
lstrcmpiA
GetLocaleInfoA
GetLogicalDrives
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetCPInfo
GetACP

Sections

.dllent
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dllent
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dllent
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dllent
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4100c66eaff55ea6b64db0d8c60bf6e7

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.dllent Size: 124KB - Virtual size: 124KB

.dllent Size: 8KB - Virtual size: 8KB

.dllent Size: 976KB - Virtual size: 976KB

.dllent Size: 32KB - Virtual size: 32KB

.avc Size: 4KB - Virtual size: 4KB

.dllent
Size: 124KB - Virtual size: 124KB

.dllent
Size: 8KB - Virtual size: 8KB

.dllent
Size: 976KB - Virtual size: 976KB

.dllent
Size: 32KB - Virtual size: 32KB

.avc
Size: 4KB - Virtual size: 4KB