lumma | f8cab373e5381f3124803a5db9264c100551053d277121aea1086598142b517b

Sharing

Copy URL

Twitter E-mail

General

Target

f8cab373e5381f3124803a5db9264c100551053d277121aea1086598142b517b
Size

9.6MB
Sample

240603-1pqtpaab9z
MD5

c0a64fbf3502545d0cfeffd049c4ddac
SHA1

49776d60971379354f0945487cc0fa89d8417d2c
SHA256

f8cab373e5381f3124803a5db9264c100551053d277121aea1086598142b517b
SHA512

8d51d7739eb0d4129f4e405fc2033e75f2cc74500c0c1a89b547d14cf43fbc4bf3bb59df2345ab023e0d1b33767417d722cd560de339f2164bfa13e4f384a101
SSDEEP

196608:2r9cD+4hBj2hYVZ366jrxuw2xktikCPJfZf6foOU0CZm/ji+khOCq:2r9ODBj2SZ36aluHK9CGXU0Ccbiu1

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://declineforntyuekw.shop/api

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://femininiespywageg.shop/api

https://employhabragaomlsp.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api

Targets

- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/Setup.exe
- Size
  
  5.5MB
- MD5
  
  9d8649afd4141d960b6545998fbc423b
- SHA1
  
  3ddd700caaebab0a9d2ed640f235d4b716a505de
- SHA256
  
  db2457caa1ccd65e63718b9e28789a12e17bc7a038975fba4f07dcd9f38e7016
- SHA512
  
  0a50681e956df3187a718570fd54600365e8ad805b7e291eb5fc6169df47a6d31596f890419aa36a4f3d983b17eb21eae9e2e51cf5755f8b2b890ba87b752da2
- SSDEEP
  
  49152:88iGSBp0o5I9vl6yoPgbIXayfQUxldpSphlWopc9MTHKsb48bHVGfKiaaQATZ79z:bihyoPgbInQEHY3N3sNfxLlC1Dxeh
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/vcomp100.dll
- Size
  
  49KB
- MD5
  
  dbc8b0d76cc08816b55d1463c932e7a6
- SHA1
  
  e776ac3302698e7d3a0b5a62db3b16556a203829
- SHA256
  
  b4a10ae0620289f62ea276989afc78a3068082088e5f77fde49ac53fcf89a79f
- SHA512
  
  ae00f9ae0d911cf50e09a77a8eb9f1385d52bce853756e0085210e1645c61ebaaf9d50332210f4c829b09af7e801217b24916f62f58ef428e288fda7d9adcb45
- SSDEEP
  
  768:SSBw7lhhX8nuJWIJ4lIuIK/4YAVbX+j11bg3kaKpnwh5L2jmPGsHy/gNb6Fjpvck:PClL8uJQlIu7wjVbU2KmLSCS/s6F5c8P
Score

3^/10
behavioral3 behavioral4
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/AzureKeyVaultDgssLib.dll
- Size
  
  373KB
- MD5
  
  34ae0787cdfcb920753763251dcf83de
- SHA1
  
  a41d5d58d21300e8418dbd354f46bba425fa9611
- SHA256
  
  3eee708fdcc68fe76ac4cc7adba90201912c63cd815717f91a5eabba1170af0d
- SHA512
  
  c8684bf3441fa5fb6a0e38df6bb9f728502e78f55eb9382ff168adab081440c37277497804fb1246a13e1f625aaa1858e39f62780c5c426edf3d825f9a739bc7
- SSDEEP
  
  6144:UbJLUIAs2A/QRth5FMjvgQKMBTaJq+jqBTSMNGx6:UbJciQRth5FMjvg9MEJMFpGI
Score

1^/10
behavioral5 behavioral6
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/BugReporter
- Size
  
  521KB
- MD5
  
  29d33ee7f3fa0ee7f52ae96732c90f48
- SHA1
  
  a781620a7bcff615d4dc64751b30287814200d13
- SHA256
  
  b8b06487ee2c2f2a4ae25d1e7a08a9ce831539a529fe2ed0e8841e5f7c42de90
- SHA512
  
  7b0076d73dc6ed561b8294ed7687f5d0d285b080b2f12bc49623690e32ccd6a2161232860f906aa151f04950587befae49793130f5f6e2ff13453a401862d856
- SSDEEP
  
  12288:pFU4ZwXnyWu9wHXspsSlxuw2xyJGS3mrxWI7n3OqiHThrmotbY7rSrZWZlJmwJIH:pyellxAxyJGS3mrxWI7n3OqiHThrmotD
Score

1^/10
behavioral7 behavioral8
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/ComExtractor
- Size
  
  618KB
- MD5
  
  36848dd965ff265d696fff4f2d51935e
- SHA1
  
  68c6390741c490adf2802c84e06a3b90a3c308ea
- SHA256
  
  d66ee1d1e44feb03d7821062ce27e92da0fa78f7e47a451b7b1d4b94860dd309
- SHA512
  
  6c3e9cdce928a78b9ea997954043ff82b2767a29b519116884e616b8aaa48668ccd051ed4607830bd7b59e32671e563939d180e576ae91752f854081b84b35af
- SSDEEP
  
  12288:pRP0qhnnyfYZtOUdSK+jgsVGmzyg4J5EA:fP0DgsVzyJ5EA
Score

1^/10
behavioral10 behavioral9
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/HDHelper_[0MB]_[1].exe
- Size
  
  566KB
- MD5
  
  8a179892518a2c4e8a63afa91de7bdce
- SHA1
  
  e9b095c966ccc4c4900b4cf741c067d2a0f43cd4
- SHA256
  
  72ece91f65a461c5023695bf5f31b5b6b5bd629dba8407524e8144f6d1e160e8
- SHA512
  
  91abb220c222a89a2df27818b8385b4015128a35b7d4c43d0f497717a4e5a55dfb9dc1da3f47a49a2400ea8300d41d52277331a6c7c3437ac5cb867a4027b220
- SSDEEP
  
  12288:voJoMf8uSKkd/kAseRy/M96oQD08WjWYatid4TwzSxK/G8kHcL:CEKkd/wXMwoQJW6Ya5TwzUKeH8L
Score

1^/10
behavioral11 behavioral12
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/Microsoft.Toolkit.Win32.UI.XamlHost.dll
- Size
  
  108KB
- MD5
  
  1f4379d416af34033857bb439057cee0
- SHA1
  
  a779714e9fe715aad9db2218a4b761ab77e873b9
- SHA256
  
  98a87914e37600c7f97a27ca603a6b994dd51ffd390ce5b34e073939d258c2f4
- SHA512
  
  cdaa3d8727e287eeaddfd58e04f292bd8daf7671a2942f99a023f31037cc8b76dce5c0566d6c0664b24403930bdd9396b27af208c313a28010e7eb9f850ba881
- SSDEEP
  
  1536:WPiq7mAYLZ/kEglj55rEzGJT45rhh9esSTrXjnwVijXXyNGF1ZvLzmFiXxnBjYh2:6sxkEDGJk5rYk9Y
Score

1^/10
behavioral13 behavioral14
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/NvStereoUtilityOGL_[1MB]_[1].exe
- Size
  
  1.1MB
- MD5
  
  017cd77d01314e72a973ff0c7882453d
- SHA1
  
  288238159cf18418149f5cd3475a6ebb9f45a631
- SHA256
  
  c2c71318a17f7f767e5d203d22b48f27eecae46a4f37082d7b413c51da6183b3
- SHA512
  
  b1d4c87e7d8585c16aa50499398c9a04d90bcd32ab36fbf7a357bc15abce0cd802a259cc7431de9fe2ca77aa68298aab5041157308be4601f7f7aa0c3c180b03
- SSDEEP
  
  24576:zCVnoQHgdFnJhVaqajA4+ubDaSKYqSpamUbSBe:zgnoFFnJjaqajA4+yaSK5SpamUbSBe
Score

3^/10
behavioral15 behavioral16
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/VSLauncher_[0MB]_[1].exe
- Size
  
  281KB
- MD5
  
  7a7bb3b0e57e4fb32c57b74e78e657ad
- SHA1
  
  f1dee943b1b6238b1466d83325c4099d189cd4b5
- SHA256
  
  87048cff2227d2901314760618d23917cfbc5cc15fc22dc355e803c5ee5fb211
- SHA512
  
  ef0c9985b640189ed9991b301cfbf9771df961e1bf67bf68c5833667db53977c9745bcfb42e059d8bb5bcd7a88253a715d86f65612dccc33514ccda3baaf24c2
- SSDEEP
  
  3072:Dawahjy56hh65Ndqp9ikqtPLy0gJmU/3j41IGvQC2mCILuCW+VoNDRUiuDhJoueT:dLlavj41nDlDOO9uunwiLWyIE2n
Score

1^/10
behavioral17 behavioral18
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/WinUiBootstrapper.dll
- Size
  
  896KB
- MD5
  
  290538fceae682f2cfc3580e01fa7d28
- SHA1
  
  12df9dc416d48f90a5ee5648abd1479dcc5dc327
- SHA256
  
  c0cfd5ecd4fa7c78eee91c4a2e7963e805513a88ad376772108b9b0c54bb8551
- SHA512
  
  089986cfe48fbdc889322796d5b5721b0c5065cfde72516e3fb35024bbe5c3ed098c6b7dc0c459af732f96bc2f67c95435f6d9cbcd8941ac18b83ee54b27321b
- SSDEEP
  
  24576:MpiGSL76HSy+SqfyJFE0yD3VDPItrsRmPrAF6dGUO9T:Mpj2GHSy+SqfyJFE0yD3VDPIhsAPrA4Q
Score

1^/10
behavioral19 behavioral20
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-console-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  0909e61c8c9c717976828f65c987e5f9
- SHA1
  
  b5affabb8afda55ebb1f404edab69c6c239affe6
- SHA256
  
  03ffdb036329a25beacf905d62611a13e3dfdda6cbd2d13af830258e8cf40ec0
- SHA512
  
  7f78746e40da64631c08d0e173fbdeb40beed180932b42382d9f3ac0cdb4348d2a5b1c29770bb98f5d4823cfd66ecac2285afbcaf109f82c8b75c7711f10c49d
- SSDEEP
  
  192:+OAWAhWeW4pICSjRof0cVWQ4GW/gYbOEU+9YX01k9z3AWB2c:+jWAhW82xlcdUOQGR9zBB2c
Score

1^/10
behavioral21
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-console-l1-2-0.dll
- Size
  
  21KB
- MD5
  
  6b33e6f1d77cec0901ea8e91473bc18b
- SHA1
  
  a397d2c6aead0b3e57d413a8d4af7f28e67f4166
- SHA256
  
  449631a3f5fadef72acc2c2f84765208d0ca014ec1fe93fb9ad805eec1d40eae
- SHA512
  
  8f5214e38202719f6a7549b2b97ad24288974cfb6cf0da1e9eec5b3b2092220f2330a260b17e28afa90b90226666a765a4e64fe91107e2063cde8e285f64773b
- SSDEEP
  
  192:p9qWAhWGW4pICSjRof0cVWQ4iWnYU7h+Il+jX01k9z3Az3TzRL:mWAhWk2xlcQtEjR9z83/RL
Score

1^/10
behavioral22
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-datetime-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  2b4a3a51e075ab9819c6d6bc40efb4b5
- SHA1
  
  bc52c10ded8b087c73229dc2f98714b5a368f521
- SHA256
  
  d718e1b6c352112c2f8e36b4ba5ed28e6179257fd2fe944c4a0d404b5c15b5ae
- SHA512
  
  13b07dc2247d51dad1ab9bc7df93e0d3e1bd6cc4fd16f9aff87ceffd40a56933d569a5fb82177dea7b6ea04ebf9f909f95451d123126155a13de6a85f747c592
- SSDEEP
  
  192:JWAhWSWCYtvnVWQ4WWd/q+KKnAX01k9z3Adaoy:JWAhWtCqTKAR9zsao
Score

1^/10
behavioral23
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-debug-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  607703b245d9b4fc69a8b5363ff626fa
- SHA1
  
  dcf4626787ea220b19e08cc5bf9e55553a3a2aef
- SHA256
  
  f65b1b3ea2767f98f0c29118e85b06f4e61654bec34b60b3abb593b24ec29af4
- SHA512
  
  92d761f733f2c678946894ca72459b0e6dc62cd3abe1073653104689ab48c19603e6e1109c07b2f110822b424430f22d112f87c629b99d0b3ccc16e179549628
- SSDEEP
  
  192:YWAhW+W4pICSjRof0cVWQ4GWk2QYIN5vCX01k9z3AiRDZXobo:YWAhWc2xlcSbUJCR9zdRFX1
Score

1^/10
behavioral24
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-errorhandling-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  059129bae1776f03c59d3ba66a6f6dee
- SHA1
  
  33b1dbcaba1d16eaf5413f1378119cecc1298724
- SHA256
  
  a83af0f79abb5e5c818c6f38a38da80e531081f3255cb006ed4c29635cc0b9ce
- SHA512
  
  6a7da7e58620bc1ce4b6d3cab1e0b746fc9fcf05a84d85931f845412301880786fbc63b31611d9442b5a1cfa72558966375ef14edc749473e2b7c988dd20b675
- SSDEEP
  
  384:9f7xeiIFRWAhWWlReaLMB+6R9zqoHLdg5CG6:EFVros29zlacj
Score

1^/10
behavioral25
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-fibers-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  9fa3992f5dac5ea5dfa15b9669c68154
- SHA1
  
  a453fb6c4064da8c01ad03a4ea3c0434efe82635
- SHA256
  
  9057131f628e547c14754d545140ad6544e64606358104da50841e9a1b03f442
- SHA512
  
  ad73f3952dda55cfaa6a0d6a0233df785650f5965caa4859b6c1577e3fbd6020e60b4b26338387690cc48b16a186d2b530708a71d2671ab17ee8904399de292f
- SSDEEP
  
  192:nWAhWqW4pICSjRof0cVWQ4GWGjwUBuvdOEU+9YX01k9z3AWW9q7fUV:nWAhWg2xlc7BulOQGR9zBaqjE
Score

1^/10
behavioral26
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-file-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  817f9a76b7eadc1226b006ccbdd38a11
- SHA1
  
  8b81897cdd4d48befa389c1df2d0b887ffeb58cb
- SHA256
  
  99ed148ffbb35829480412dc64da6ad24dfabe2f9a0eff9ba1493455d7127677
- SHA512
  
  53d8b2561862c6b2465665d761612aaa8b7adc887058260fbf970aac0fb006317283ada01468b1e042fd9dd44def90451793afee297ed787086645cebce45cd2
- SSDEEP
  
  192:1NtaNYPvVX8rFTsfWAhWBW4pICSjRof0cVWQ4aWJLk4xOEU+9YX01k9z3AWBwCy:rPvVXBWAhWn2xlckOQGR9zBBwb
Score

1^/10
behavioral27
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-file-l1-2-0.dll
- Size
  
  21KB
- MD5
  
  e334f2fe1e0e6d5d6966f139ed328d97
- SHA1
  
  68b2cd826f3dfa59531397ebb3f382dec9af5fe5
- SHA256
  
  d56eae93c55abdc8eb77d132777049634e28a9b59fd4b2101d51351546b984d1
- SHA512
  
  fb6ee02f06447c906a4353d93ce247e14a9a1ea4255819a88e395afe2e3775fe3aeb622b7a97d86086d88c739ba4d2e2fba9e8fd6467e167fc75d595c9182327
- SSDEEP
  
  192:hsIkWAhWW7WCYtvnVWQ4OW0mOOt5equ/X01k9z3AFpYlQ:h9kWAhWWCK56/R9zgWy
Score

1^/10
behavioral28
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-file-l2-1-0.dll
- Size
  
  21KB
- MD5
  
  7f0ef1cf592d04b082b65f75584652cd
- SHA1
  
  f7b9a2851a66a6a8eb509f2541b6ccc3b551f2fa
- SHA256
  
  9f496e181b1c862c7a7d03c09d9b0a5361535c98acbb1a9d50a27bcfb0a2bcc5
- SHA512
  
  30d2d695773e7bfd67de8691c40e571b3b91858e72eab3d78c84902b359108e9988247bf81689ab15fef6ed0a9ef62031f1937c6e7ce4ce8e1a34970ba23e727
- SSDEEP
  
  192:iCuWAhWGkW4pICSjRof0cVWQ4iWwLuCFaqDu0K9X01k9z3ATd83:zuWAhW/2xlcuCFYj9R9zsdM
Score

1^/10
behavioral29
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-handle-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  1902b85a588178857e9637902e5a1b85
- SHA1
  
  31ae4cf76a34ccbd92fdbe60bee080998741ef4d
- SHA256
  
  5e48c99dd6318b017686bde507cdcb9d6ecf25f4f78f345845b865e443f1ee66
- SHA512
  
  0755e9c0adc9e374060c851d4f7fa62633ec07dde0bbfd56ffc9bc8ecff5b9efd6fa8418c43e838770eed43a54a48fd61a41226d9ea84834275a4a36c7796472
- SSDEEP
  
  192:jPWAhWWMhWCYtvnVWQ4OW8vpgVt5equ/X01k9z3AFpT46cuwY:jPWAhWWMAXp456/R9zg5Tcu
Score

1^/10
behavioral30
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-heap-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  892e47390f34aac7d20afe63ffa92f20
- SHA1
  
  4a78a77ae1d5bdba55534167f781a3c8675c7ed3
- SHA256
  
  6070ffb5e20ed032d460d323df981d369fa68045fab130fd100803a00ab88c23
- SHA512
  
  8b37866ebdca5047673d984bd779b1df052e3d44e3fabc3a4ce2e747489baa2bd86add629d95c76cf08150f74281d89d46372ef64266b90304cf7dd581af3a93
- SSDEEP
  
  192:UxlwWAhW8sW4pICSjRof0cVWQ4aWQVKbOEU+9YX01k9z3AWl9:UxlwWAhWV2xlccbOQGR9zBl9
Score

1^/10
behavioral31
- Target
  
  !~L@tEsT_sEtUp_4499_p@ssWord`/x64/api-ms-win-core-interlocked-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  d8999e328af5ee1eb23c216336637cb7
- SHA1
  
  a7bde6c833e4d6ddefcc4050997b1583ff1ffa42
- SHA256
  
  4ea02b683513a157e21824b1c1e9ebb782d22f14209b67961f97b1f79673d3ed
- SHA512
  
  4f041ed2daf781b7f86b4459e74330650b2687ee46dfb961ed7a0716ac7ad2082a631cb619cc6d3c7d19f550bc030553b9656aeba14f969dd52df0b40a0e418f
- SSDEEP
  
  192:aDWAhW+W4pICSjRof0cVWQ4GWgQirmYIN5vCX01k9z3AiRYCj0+y:aDWAhWc2xlc1frJUJCR9zdRYn
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32