lumma | a876e5b597b87eed8c8065ceed5527ac56bbefb92bc37e1b4fee53a8828f9c80

Sharing

Copy URL

Twitter E-mail

General

Target

FILMORA 13 (BY JOCO).exe
Size

1.1MB
Sample

240525-llr51scg5t
MD5

acb5eba73001eca23e1318e6e412d325
SHA1

1fe56d785650016ee6c1ef61789c87bac50455e0
SHA256

a876e5b597b87eed8c8065ceed5527ac56bbefb92bc37e1b4fee53a8828f9c80
SHA512

3e83be0ec63a56817baffc1ee41f7c19e3e2305ae48a157e42ee34488b8b6420e36203cd952a670da39aeaf1d476ad507466c3c588e88bc89330cecbb908bdde
SSDEEP

24576:kI0Jn5RrhGTWAiFAIBifnwnN9SKi1cpMbPIY8bl:F+n5xhGSAsMfwN9SkxY8bl

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://survivalpersisttww.shop/api

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://femininiespywageg.shop/api

https://employhabragaomlsp.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api

Targets

- Target
  
  FILMORA 13 (BY JOCO).exe
- Size
  
  1.1MB
- MD5
  
  acb5eba73001eca23e1318e6e412d325
- SHA1
  
  1fe56d785650016ee6c1ef61789c87bac50455e0
- SHA256
  
  a876e5b597b87eed8c8065ceed5527ac56bbefb92bc37e1b4fee53a8828f9c80
- SHA512
  
  3e83be0ec63a56817baffc1ee41f7c19e3e2305ae48a157e42ee34488b8b6420e36203cd952a670da39aeaf1d476ad507466c3c588e88bc89330cecbb908bdde
- SSDEEP
  
  24576:kI0Jn5RrhGTWAiFAIBifnwnN9SKi1cpMbPIY8bl:F+n5xhGSAsMfwN9SkxY8bl
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $INTERNET_CACHE/Aa
- Size
  
  68KB
- MD5
  
  fb9095392691fe46b68c700d50c4baba
- SHA1
  
  92517b3ef6f8353c8d923eda240011bb842d380e
- SHA256
  
  5995416df42c8637e6a7d90cf9c2afa2945426147c5f7bd52ad2bf71b5359076
- SHA512
  
  42e836ec88e8d256c6128adccdcb5d9d2904cb03ffcbd281d9a058984322308bbb218202826f0698b68c42b43ace04fdf0c4878996fca7d5fcd891a54e6691ce
- SSDEEP
  
  384:rKj7c88888888888888888888888888888888888ygIVPsjnQV6QvXdoooooooor:uKgItUHiG5
Score

1^/10
behavioral3 behavioral4
- Target
  
  $INTERNET_CACHE/Advocacy
- Size
  
  48KB
- MD5
  
  e26a559dde37f92271827ec4ed2adb13
- SHA1
  
  37f4c674d82d3460fcc24554f5d11a8a4544aa0d
- SHA256
  
  527c08426c6e685cdc21a19de0a7fc2d7786f6c56a91ff6523887c10c4bb1d8d
- SHA512
  
  ad89ffb0470107adf10ccd2e90ff51c7423f31c407f05010a2cab07c257d49a409ba1058de9f75ec5f4805ff2bce4f1dc7e3b47c1770f40b36b28ab3c5f1b31b
- SSDEEP
  
  768:BZmwfHh17McqQHEdQ7iwDIUKo+jBAfe6TtgguvkFec+jJ5PZvimdFiFGbt:XkdIlDbKffUCJ5h3FH
Score

1^/10
behavioral5 behavioral6
- Target
  
  $INTERNET_CACHE/Applicants
- Size
  
  71KB
- MD5
  
  6cc470c103bc3db5998d4e7b7d88256d
- SHA1
  
  8a951ad26262fb29e8a244d823ec235abbba215e
- SHA256
  
  29618cdc3196dce7c2253eacb18ef0a092355a3d3e1fb0169637a7a3a34cfb43
- SHA512
  
  356dae535f69441ea7d5457e65f98eb62e9cae28718cd64b8cba4a5784f2a4934030ed3106e26362ca1a96fc7d21461477c8ceaf18495dd98f9f10e0c19a457d
- SSDEEP
  
  1536:Do5DMTejNHRIapWwtG//2dhvp8bcgryocNS+jgh7XHoK7z48Zm:E5S6NHntGH+BWxypUhzHoK7z4km
Score

1^/10
behavioral7 behavioral8
- Target
  
  $INTERNET_CACHE/Associated
- Size
  
  199KB
- MD5
  
  1934da70e0369ff239aeadcad9a93e77
- SHA1
  
  ef04acd1095cea42f616ec6955e659873b4555eb
- SHA256
  
  3bb205bdba68f1ade823e795dd345431b1fd94fa9adad95689795fd20ca2bad6
- SHA512
  
  1971e8ae1da32870f72f3562cf8db8565be8634d5384f3b931a9f4b90a60cc942915852ebdc4bf57b9a2477ec8830ab3eb8a76afb8d35db19806b000311a189d
- SSDEEP
  
  6144:QEiOzvqYpdPnCt7Pkv3TTVVqzOevpE3CLwD8pAs:Q3O5ppTP/HeRE4pAs
Score

1^/10
behavioral10 behavioral9
- Target
  
  $INTERNET_CACHE/Cameras
- Size
  
  29KB
- MD5
  
  6b571766b51b70f0249280b0fc92fbb4
- SHA1
  
  80963aa0dfadb9d56471d80441c042dfa0918087
- SHA256
  
  bf18164c379b2528a0386df84c01d9bd42ca63d04d1abb063c157910a35a4a92
- SHA512
  
  e1329c7f16e12ccc9a1bdb09d683ae589173e02d541e33c87b9de6c8af5761d782adf751cf287a5eb1694babc599c1763beaf52e27aa23753d8b3335fd4b9167
- SSDEEP
  
  768:0ZoeqaQ1/uu1ylkp5VAkGh2RDuaIYXBQsBoDCHT5xvs:MoejQ1/9klkp5VLGEDuaiC7vs
Score

1^/10
behavioral11 behavioral12
- Target
  
  $INTERNET_CACHE/Changing
- Size
  
  37KB
- MD5
  
  dd6ecb24734c87548ec4de5a793d0c88
- SHA1
  
  ebe7f894bc46cb73fa98bef6a437bf2a75110dda
- SHA256
  
  b07130b67007fe4f67741622414345b2bf14dd4d39f78358dab5fb5cf2d90421
- SHA512
  
  125834d49b4a2c21e02bbaf9fbf327357fa8de751857a2c76b77df6d901a9a1b98fb3ab78a7ded4641f886d60e5fe6a2e60b0520b4ecf33606b4a13f9b99abd5
- SSDEEP
  
  768:9an73S21DUyJN15pMIlIkHlay5sxcj1qeGiReINDpWPIDJr:o7XDh1RlyxcZqvinN8PsJr
Score

1^/10
behavioral13 behavioral14
- Target
  
  $INTERNET_CACHE/Contract
- Size
  
  53KB
- MD5
  
  62f016ee6db03edaffacf2fb2ba04443
- SHA1
  
  c2b31048fb4a369e32b6b8cd031fb7510f425429
- SHA256
  
  c77dd03f7682c6d4fd4ab858a71689acf9f8dec170c619fbe991415ecc04f79c
- SHA512
  
  ef53a34251e61341eda99a49eb437819c0474847b119e20dd53ee64b38af4508f086a13787e7cb66724b554845ec449fba5ad5ee7b2c7fc2d7ffa88ade8890c9
- SSDEEP
  
  1536:VD/3EfraF0Hikj06LDykFIcizp97bA3E2:VD/T0V06pijcE2
Score

1^/10
behavioral15 behavioral16
- Target
  
  $INTERNET_CACHE/During
- Size
  
  149B
- MD5
  
  5e2f9a5d71031e5af5ee1982ec122385
- SHA1
  
  264c3509c957136f55ccdc7884f893455e09480b
- SHA256
  
  9205db3f3386e0fa7588d6035786206d6e6b9ab60682df1a4a7306dacd6e9099
- SHA512
  
  0284a9157babae7b7977323ddb0c1d9e91837dcd71a5bbd11a6acf490407d2febf66fc041b436b156987f0ea5db1f6e19746ab0b62514ef97665ad7c9747b10f
Score

1^/10
behavioral17 behavioral18
- Target
  
  $INTERNET_CACHE/Ef
- Size
  
  24KB
- MD5
  
  2f6de9debc85a1372017f1d53b514847
- SHA1
  
  84cef7bce5d3be1875a58a98a277b1ee9efa38e1
- SHA256
  
  2e0ce43509bcdc4f80c4c52bc93720057e90f111cdb8c93500bf1a4c42effbe8
- SHA512
  
  f1042dcb829ff1dd34b4f2379251511da037f6b8c93905c6235d31fcc2d08b1ce8393bcbe3406caf5916c63417df3e10bf50834aa9e20d40c4609f6a4e52572e
- SSDEEP
  
  384:hUv0FjSkXDylnffltltZZzz11ppz9KvLoXM4INduLbbOxiVnoXM4INduLbbOxidH:hUySdK8M4INduPbOUGM4INduPbOU+aIY
Score

1^/10
behavioral19 behavioral20
- Target
  
  $INTERNET_CACHE/Explosion
- Size
  
  51KB
- MD5
  
  d9b65c63a23ea8785038fca4dab8a4cd
- SHA1
  
  420d8830448645805256934521bebc1c974a3f8a
- SHA256
  
  1a0c2c8c92e81131fb12f3230ea8d1af07d0e19fa97b7d7b36f1a6f2357b4c42
- SHA512
  
  2f45d89004b58194d344cfcb847b82b155d4ff93826e502887b20dacd79fa9e3058ef50d5a02ff76081bd618cab200ba20c462376a02515870eeae63992aac60
- SSDEEP
  
  768:vTlKWzhQVNsbSSkLQ7PqYIueIVvaOsibzc+ylIt0su0B4y+a8:i7gqYrui3vylIusu0B4t
Score

1^/10
behavioral21 behavioral22
- Target
  
  $INTERNET_CACHE/Feet
- Size
  
  43KB
- MD5
  
  c8ed6a40a768ff35af4884211ff3a8b4
- SHA1
  
  a985de77272ca083bc0a84697cc856833dbe97db
- SHA256
  
  f00583f79086b4c9042df7c3931757f6c52f4569aa3e81bd43fd7bc4373cfe07
- SHA512
  
  7c4b65d3af3f6146d65204dfcde2471e2abb80dd11217df94d47a8b4de07c08bd956d4c4b2034150b07a5867533d91db10c5574fc8227e46986062bc644d4ba6
- SSDEEP
  
  768:hNcNngX+F+2tzjOrnhILBWdinOEgg+ys6kQ3+laXM77HLqno09q6R6gx+gXrz:hNcpzjIqIinTglynkQ3+EX0eomqewgf
Score

1^/10
behavioral23 behavioral24
- Target
  
  $INTERNET_CACHE/Gonna
- Size
  
  30KB
- MD5
  
  ecd5d4a92ab8b6566b8eff353f3b3a52
- SHA1
  
  9142ded6c17161fa5ed75d5cb762580cff2f4d04
- SHA256
  
  df034187cd05fcca080deef2246163dc3262b6489790c24972f0c2ac673973d5
- SHA512
  
  663deb88b285e639e77a74e74d5b6429e794b08d57ae3cc381bafd611ed4765b0e8b7ecd9ad4da682f703c0e23c5e8006e09a6199c6b5fad1a7ebfda3fa2a6db
- SSDEEP
  
  384:dHnHVmE5lTbyuT2sWjtudtIDvFQC7VkxhPfpluui01zrevzAHJcu:PmEusWjcdeDvFQC7VkrHpluuxdCvEHb
Score

1^/10
behavioral25 behavioral26
- Target
  
  $INTERNET_CACHE/Governance
- Size
  
  40KB
- MD5
  
  f400f0fc5e1d4b0e1eb6a7fcae0c6ff6
- SHA1
  
  b04fdc6ad7ce69345edcd37b4c5d64ac57681317
- SHA256
  
  a7eabb41e493a8eda7e819ff0a566165d331e4529efe8c30a02656fa705d114f
- SHA512
  
  c2e7be4a50299bbed912d427046a6ec3d29a11f4db048b03152e143e286ca5dcf94b35d28dd92dc1c6754cfe2c242bec68bc0e59afe4b8b53056fd80c7eb7118
- SSDEEP
  
  768:88SbkXhdqgWWwr2G+jvEHHzR3Sh7WscONK1dvq6LqgaHbdMNkNZ:88SoXTqgWVrZ+Int3SdFc9vtmgMbF7
Score

1^/10
behavioral27 behavioral28
- Target
  
  $INTERNET_CACHE/Ic
- Size
  
  66KB
- MD5
  
  5a9e0657cc95cec7266e2a3de5e1c2f2
- SHA1
  
  7deb2d008de04abb82635ae70484e7a52c499dbd
- SHA256
  
  6ae82e6c6e98758148fe1d1c96d6e2a95b0380a53508c8cfb3fa20ad533f6b40
- SHA512
  
  ca896c43f21ecbb84d2547821bf00e9e52fb7c4c64b59402e0bdf15bd083f19fc73f36e2746f9f78178323fd47afb5e67a92c15e29e491b51e1d3eaab71f27ea
- SSDEEP
  
  1536:/5ctpYuYtWGJG2kQyyy9FskzWaIxOv/pAfkF/M:/5c2p02kQi9FsgWaIU/pA8F/M
Score

1^/10
behavioral29 behavioral30
- Target
  
  $INTERNET_CACHE/Injuries
- Size
  
  7KB
- MD5
  
  20e964022656bb60eefce6b8fc5f019d
- SHA1
  
  bb79fa886732357689f48224756612fd34018e08
- SHA256
  
  1895144876550efb1671c206f1f5ac2d19ff12a87d04c2b067b9b7a666e52f08
- SHA512
  
  7ee7e8d7e46677226b812b1b9782e087aabf261cb011b80e3ed22dd6b5cba4c42abbd3f20301d8b8a4f26c45b2cdb657f746f347d3e69eeea169452e974a2da8
- SSDEEP
  
  192:VCi8XPaearLzdORwW59jmGyYqbQWww9nikP/z:cbPgrU2W5nqccoknz
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32