lumma | 8e938e1b74eb68ee2b1061b30c8290b08c0d64b93cbc193c84ee963237a431e2 | Triage

Submit
Reports

Overview

overview

Static

static

3

fd6b82855a...18.exe

windows7-x64

fd6b82855a...18.exe

windows10-2004-x64

Sharing

General

Target

fd6b82855a5dee211180e8e2acfe61c2_JaffaCakes118
Size

543KB
Sample

240420-xnq7aafh7v
MD5

fd6b82855a5dee211180e8e2acfe61c2
SHA1

74fff0793248cc7eb65bd423799e8bb89dd5dde2
SHA256

8e938e1b74eb68ee2b1061b30c8290b08c0d64b93cbc193c84ee963237a431e2
SHA512

f22e05167c16978d72d8db0724cd7f81434c64001cf46add0e90daae5b9b2c5bafcb23ae421b4675b6c86ec903abc68a151dd97d69d7170d1b97bc49b6a606c2
SSDEEP

12288:GDflNwb6MUmxpbMXesgag6sXMZG/wL9SFkmbgbNBELtL:Elk3xdR56sXCaWQNbeNiJ

Score

10^/10

lumma stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fd6b82855a5dee211180e8e2acfe61c2_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fd6b82855a5dee211180e8e2acfe61c2_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  fd6b82855a5dee211180e8e2acfe61c2_JaffaCakes118
- Size
  
  543KB
- MD5
  
  fd6b82855a5dee211180e8e2acfe61c2
- SHA1
  
  74fff0793248cc7eb65bd423799e8bb89dd5dde2
- SHA256
  
  8e938e1b74eb68ee2b1061b30c8290b08c0d64b93cbc193c84ee963237a431e2
- SHA512
  
  f22e05167c16978d72d8db0724cd7f81434c64001cf46add0e90daae5b9b2c5bafcb23ae421b4675b6c86ec903abc68a151dd97d69d7170d1b97bc49b6a606c2
- SSDEEP
  
  12288:GDflNwb6MUmxpbMXesgag6sXMZG/wL9SFkmbgbNBELtL:Elk3xdR56sXCaWQNbeNiJ
Score

10^/10

lumma stealer
- Detect Lumma Stealer payload V4
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy