lumma | 2d27d929651f167d690fa610fa8fbcfb33d0d30ebc158ef50a8bc62000270ca7

Sharing

Copy URL

Twitter E-mail

General

Target

Executor.zip
Size

17.4MB
Sample

240423-xerfpaag8t
MD5

1dbdc2d973bb635af23dce2b3508b4b2
SHA1

5ac7a01ad84a289d11703915d3de46523e5c5f23
SHA256

2d27d929651f167d690fa610fa8fbcfb33d0d30ebc158ef50a8bc62000270ca7
SHA512

7cfcd53812753bc666a102248349c1b9b865ae5ec126da346c4c63a64a2e7ba4f4cc3beef8584c848f55be7d9516b1af9756c6c6cf8eebcaa5ed2d68088f315b
SSDEEP

393216:ASF3DRs2CI7Ba2YdSo0y8iigVfwj7QVAmFGro0y8i7X:ASpDR62Yd0ii3EVAmArij

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

- Target
  
  Executor/Injector.exe
- Size
  
  1.2MB
- MD5
  
  9d6470e951494e2195189b03bf47c9c2
- SHA1
  
  f99012e40e258b79f7b97b9efe91e7f01d93d5be
- SHA256
  
  2c9f5f678d8c8448cab83d4a855100b347ce50ac7d495a156b72edf81389cc9a
- SHA512
  
  fbe68915cd1445050a5e2450455425f66ad7cc1622eeb38a0a77f964af8c2c1008746dc12cc13b0339ec6a301a59f8edc6465c030f6b3eead2c038cbf1ed725d
- SSDEEP
  
  24576:isMl5IXhqt4J3jo09c2ga8eFUJspf8fVuYX560FCX:ifTt4J3jo0M1sd8fRJVY
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Executor/app/Qt6Gui.dll
- Size
  
  7.4MB
- MD5
  
  b8f3c8eeaa963fd96c12fa36c5af6593
- SHA1
  
  64513814ebc555121a83102e27649f710c9fc37f
- SHA256
  
  d2da55714d56e0af7c033fd0a84dd1dcd669e976abc07861e70b054c7d08c01e
- SHA512
  
  b8d8cfe1f58bc77b8e90fb80996223b7df075113c113a2016b15840a04eb36a5cc687639ab267af5bec6185f5ca4d5b847e9ec3c2cc9ff38f9144852c2e94a42
- SSDEEP
  
  49152:r+F5DQxeQIZzobeYujoAp/NedguLYtKUv+UFrf9S4l/gXkfCSd44hP/YgGjh8nt0:tbe5jtKWFrflHSxi4TJkhC3D26wo6n6R
Score

1^/10
behavioral3 behavioral4
- Target
  
  Executor/app/Qt6Svg.dll
- Size
  
  352KB
- MD5
  
  28bb5df96d6424a9f642fcb8207b44a1
- SHA1
  
  14762fe8238f70bdc2aece5fb7ab6ca71eafc2f3
- SHA256
  
  35d1795e43522b1cf751b57ea3eaeed4505d262c7264b11b82e2e593c5d6a2b9
- SHA512
  
  62fa66f0eab6d56e8f13335aa587de26e3c24684be53a50de9fd7e7d676537f6638c87003388877becb2007dea1bf1b619fa26612dcc7c272cb78537a2aa6eae
- SSDEEP
  
  6144:63COQIjZXPAQLdu7kGYRxyAjjtK2zlaTq+clpiQ89UNmcbqjEG:63GgdIWRxyKk2vqjEG
Score

1^/10
behavioral5 behavioral6
- Target
  
  Executor/app/Qt6Widgets.dll
- Size
  
  5.8MB
- MD5
  
  c34ca583731d7fd60a9575aadfc0fbe2
- SHA1
  
  96e86d5eb5f7755dff0c71a52057d53d5af8a760
- SHA256
  
  37f8afad175e298e9cb2f4aaa33a0c1817f39cc0435afae7e160d0ea16d808da
- SHA512
  
  0c3137f0a3fa52a442e92cdfb9579f0be24a637c17ea6648701646c21c2a60ea156d4530f83cc532204ec6dd359e29d8d70ebd1fd6453dffbd3a225a86c18a97
- SSDEEP
  
  98304:Fjbh9QAPhepBdMqfSNvzHdCfy3DZmajP3mK0XjB+tW8VQ0:93QAPhUBdMqfSZzHdCfyIajP38jB+tfJ
Score

1^/10
behavioral7 behavioral8
- Target
  
  Executor/app/d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  03a60a6652caf4f49ea5912ce4e1b33c
- SHA1
  
  a0d949d4af7b1048dc55e39d1d1260a1e0660c4f
- SHA256
  
  b23e7b820ed5c6ea7dcd77817e2cd79f1cec9561d457172287ee634a8bd658c3
- SHA512
  
  6711d40d171ea200c92d062226a69f33eb41e9232d74291ef6f0202de73cf4dc54fbdd769104d2bb3e89dc2d81f2f2f3479e4258a5d6a54c545e56b07746b4c4
- SSDEEP
  
  49152:xCZnRO4XyM53Rkq4ypQqdoRpmrgBVYvkaRwv/ZD0/WYLDltog/RfznLeHTRhFRNI:YG2QCS6HHzog/pznA7T6VP
Score

1^/10
behavioral9
- Target
  
  Executor/app/libcrypto-3-x64.dll
- Size
  
  5.5MB
- MD5
  
  e44f061848ba02b0e71d156d10c6444b
- SHA1
  
  c808588a79f7597ef36dbc2f5543a91c4dbf22d1
- SHA256
  
  b3983ba1e46123fe561333cc5922e6e8c3b896646eedac2c4cd8825cbecb0396
- SHA512
  
  fff5644bd8db442707e9ef95e767504f31adb654b3cbcc7359839f992faed9efb98ce11257cf77667e39a886763282236a7aff7d67369fa3e2e50ffd28b38bf9
- SSDEEP
  
  98304:ZoL+XAiFU00rzDk+uiXdyeu8v5ZPz+B1CPwDvt3uFTDC1:ZeUdU00rzDH99u8v5ZL+B1CPwDvt3uFg
Score

1^/10
behavioral10 behavioral11
- Target
  
  Executor/app/libssl-3-x64.dll
- Size
  
  716KB
- MD5
  
  522c2ad48f83de6f95e558cd650f2d6a
- SHA1
  
  eb235f7448b69da83617814f9c150ff752a9468f
- SHA256
  
  6196966d0d5c9956a7e8352d613cd178973b589124b229a0c7c776efaf495268
- SHA512
  
  b3af585056008243f821626975bdc28888065b28a1a39d9dc1b8193bc81a05316089febfba2720af6fb7c2df5b49c5b1226bfdaaaa0130d7cb8d15a43dbdd4cd
- SSDEEP
  
  6144:o4KWAzvzdyUN7bU9bXCiRl/qjCQnR6f0v2bykNW/YotN/ZRealnbkTNZE:o4hsU1SiRl/i+LbDNmZdlnbkTNZ
Score

1^/10
behavioral12 behavioral13
- Target
  
  Executor/app/modes
- Size
  
  6B
- MD5
  
  bea07e6d2b8dce396fe21baa61b34956
- SHA1
  
  665332b36fc8fa1ed11210cdee83b639b451e592
- SHA256
  
  2e08d1f6000aef541797d008c05ac36f4dbebfb36cbac5615788e6fcc5b300a7
- SHA512
  
  4ad82fbef6d8d3f4d0b90a9399c8b405674bad0c750e385fb034e57895838fd26d7926f6ed0ccab2e2afcaf4a23613ed8f16d909bff870b40187e22e0a6362c1
Score

1^/10
behavioral14 behavioral15
- Target
  
  Executor/cfg.dll
- Size
  
  352KB
- MD5
  
  28bb5df96d6424a9f642fcb8207b44a1
- SHA1
  
  14762fe8238f70bdc2aece5fb7ab6ca71eafc2f3
- SHA256
  
  35d1795e43522b1cf751b57ea3eaeed4505d262c7264b11b82e2e593c5d6a2b9
- SHA512
  
  62fa66f0eab6d56e8f13335aa587de26e3c24684be53a50de9fd7e7d676537f6638c87003388877becb2007dea1bf1b619fa26612dcc7c272cb78537a2aa6eae
- SSDEEP
  
  6144:63COQIjZXPAQLdu7kGYRxyAjjtK2zlaTq+clpiQ89UNmcbqjEG:63GgdIWRxyKk2vqjEG
Score

1^/10
behavioral16 behavioral17
- Target
  
  Executor/data/Qt6Core.dll
- Size
  
  5.5MB
- MD5
  
  a42d8142092885a83fc779f660466a0c
- SHA1
  
  106232efdb591364a78638f27fc2067717a65868
- SHA256
  
  abf826a5763c4b3517258f07060a7a93f4d47ae14f79253304dc2a4dbe0d98a2
- SHA512
  
  8ffbb942f996bb89b871b73494c0a9b913316e6440e263b3416604ac294cf987039db979f55aa61c34869a101cbc6a9db0323aee71a847840ace4e652639f98c
- SSDEEP
  
  98304:yQy5Dm1rBBUv18MKFdu9CwJsv6tfxT/3wrgV9:yBxQrBfMKFdu9CwJsv6tfxT/3wrgb
Score

1^/10
behavioral18 behavioral19
- Target
  
  Executor/data/Qt6Core5Compat.dll
- Size
  
  815KB
- MD5
  
  04d6912cee34c2bedac1ae1329d17f26
- SHA1
  
  9702ce6183b37c58eb9f2621faba4cadb095b1c3
- SHA256
  
  32e8999c29fbd4911f233069c6c1fd6aff79aca8c239674e9a96ae14ded5b86b
- SHA512
  
  bc6c48618d7238032798080bbc14eca2c84b482870d0e6a00639668ed0f7c868878bc68dfcf72cda7c9ceb1f4048ec7fae294d990e208c109cf2b14983c02829
- SSDEEP
  
  12288:cUsUZzad+X3A9EBpQPGE/4717VKIdBDPzHkScGGcfjYfgdnb3jcBE7:YURx3A6YG7VNDPTtsfgFbQBi
Score

1^/10
behavioral20 behavioral21
- Target
  
  Executor/data/Qt6Network.dll
- Size
  
  1.3MB
- MD5
  
  4d101c62f1b454b432e66b29683b684a
- SHA1
  
  af7d8a756eaa146f8284f71a09a06a8f3f0fb0d0
- SHA256
  
  ad92ea3b43d4602b554a50d18d739ee2ee9fcaf47ac82f30aa8143f82fbea932
- SHA512
  
  681c80fa9388b8f4dafb5db651dda853bf7031b4ad3442d19d5c18946a90269c691fe9a36e89236c285d1a5f4f3bc44e8d52a0ccb0c459afc24203d4a5a88f20
- SSDEEP
  
  24576:Lm9A+x2ooRka77eu2RFV1dapLTTAErq67Lv:Lex2lRx70FXzErJ
Score

1^/10
behavioral22 behavioral23
- Target
  
  Executor/main.dfb
- Size
  
  6B
- MD5
  
  bea07e6d2b8dce396fe21baa61b34956
- SHA1
  
  665332b36fc8fa1ed11210cdee83b639b451e592
- SHA256
  
  2e08d1f6000aef541797d008c05ac36f4dbebfb36cbac5615788e6fcc5b300a7
- SHA512
  
  4ad82fbef6d8d3f4d0b90a9399c8b405674bad0c750e385fb034e57895838fd26d7926f6ed0ccab2e2afcaf4a23613ed8f16d909bff870b40187e22e0a6362c1
Score

3^/10
behavioral24 behavioral25
- Target
  
  Executor/updater.dll
- Size
  
  5.8MB
- MD5
  
  c34ca583731d7fd60a9575aadfc0fbe2
- SHA1
  
  96e86d5eb5f7755dff0c71a52057d53d5af8a760
- SHA256
  
  37f8afad175e298e9cb2f4aaa33a0c1817f39cc0435afae7e160d0ea16d808da
- SHA512
  
  0c3137f0a3fa52a442e92cdfb9579f0be24a637c17ea6648701646c21c2a60ea156d4530f83cc532204ec6dd359e29d8d70ebd1fd6453dffbd3a225a86c18a97
- SSDEEP
  
  98304:Fjbh9QAPhepBdMqfSNvzHdCfy3DZmajP3mK0XjB+tW8VQ0:93QAPhUBdMqfSZzHdCfyIajP38jB+tfJ
Score

1^/10
behavioral26 behavioral27
- Target
  
  Executor/version.dll
- Size
  
  716KB
- MD5
  
  522c2ad48f83de6f95e558cd650f2d6a
- SHA1
  
  eb235f7448b69da83617814f9c150ff752a9468f
- SHA256
  
  6196966d0d5c9956a7e8352d613cd178973b589124b229a0c7c776efaf495268
- SHA512
  
  b3af585056008243f821626975bdc28888065b28a1a39d9dc1b8193bc81a05316089febfba2720af6fb7c2df5b49c5b1226bfdaaaa0130d7cb8d15a43dbdd4cd
- SSDEEP
  
  6144:o4KWAzvzdyUN7bU9bXCiRl/qjCQnR6f0v2bykNW/YotN/ZRealnbkTNZE:o4hsU1SiRl/i+LbDNmZdlnbkTNZ
Score

1^/10
behavioral28 behavioral29

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29