Overview

overview

10

Static

static

1

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

x86/Direct...1].exe

windows7-x64

1

x86/Direct...1].exe

windows10-2004-x64

1

x86/Paring...1].exe

windows7-x64

1

x86/Paring...1].exe

windows10-2004-x64

3

x86/api-ms...-1.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/api-ms...-0.dll

windows10-2004-x64

1

x86/chrome...1].exe

windows7-x64

x86/chrome...1].exe

windows10-2004-x64

Resubmissions

02/08/2024, 02:50 UTC

240802-db3vrs1hpj 10

02/08/2024, 02:47 UTC

240802-c9v25sweqe 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    #!!SetUp_2244_PassW0rd$$.rar

  • Size

    10.6MB

  • Sample

    240802-db3vrs1hpj

  • MD5

    06d7ba03e2e6f8ce2c5c2de914346dd7

  • SHA1

    50f3d4d36c7dc47b69e51d94a2091000fce4f9e6

  • SHA256

    984d530e78ec72391f217805e5e078cef1c4e15c156c12d60841dae8b2e5af87

  • SHA512

    e9956985dfac0e526b49c55a43f99bb13b17702a518466dabc79cc010c26267e514f41dfc68aa08cabb486b5669ce1a52107c547d3f7a51f270aad6fc3aa9e7c

  • SSDEEP

    196608:9+1VuY7zteC5qmRRfTHHPwoD3LVYeNCjYJN7qGQLwi3Io1M8qiBbVRG:EtqmHwoD7GYCjYtwM8TBxY

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://dividenntyss.shop/api

https://horizonvxjis.shop/api

https://effectivedoxzj.shop/api

https://parntorpkxzlp.shop/api

https://stimultaionsppzv.shop/api

https://grassytaisol.shop/api

https://broccoltisop.shop/api

https://shellfyyousdjz.shop/api

https://bravedreacisopm.shop/api

Extracted

Family

lumma

C2

https://horizonvxjis.shop/api

Targets

    • Target

      Setup.exe

    • Size

      9.2MB

    • MD5

      1cc167273eeaf450abb5e548edfabc89

    • SHA1

      ca47da5cc86c31aea84a6b170bc948f1020abe89

    • SHA256

      b16b380f60786a78e3e8760f4a65e0906f744e43b2a04eead206596727443082

    • SHA512

      99969849910f81ea0a163562502db3837e1cd506524c408938c12952c10e50ff846604cf5a0774014e0a896ba7c571c969ac168fd38002414dd7a87ed86749d7

    • SSDEEP

      196608:Fsd7F8Iox9opRvxDKokM7JQpBgKDQhN0F:Fsd2px4lwrM7ClQhNu

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      x86/DirectoryMonitor_[1MB]_[1].exe

    • Size

      1.9MB

    • MD5

      76067380db217854920c9652e6276ae1

    • SHA1

      10442a38db18218953418b84bb8684a3fa399312

    • SHA256

      d74373f86c366409db3392258b552e35477ffd47d968d094abad170663193fc6

    • SHA512

      91a42d2196b42515132ccdbc40dec46396995d80da5a44eded2d16fe4350c50a68a2556a80acdccef823bc233b4fa5a88a6423748e9fea2e23795339795857f9

    • SSDEEP

      12288:hc6VJx4LOQyQLkoCPs+b4H4APA60jEcflSIQZXDVrZLpYHT:hhJxPQySCod3c8pZzhnYHT

    Score
    1/10
    behavioral3behavioral4

    • Target

      x86/Paring_[1MB]_[1].exe

    • Size

      1.9MB

    • MD5

      4601692d9ec47eb3ed8b843de5a36ccc

    • SHA1

      005b44a84219035e85ba98109ccc16a59fb85946

    • SHA256

      d377d81e1a6e4afebeda31326179d157f3a463129f2cb639597d7c31b1610ce1

    • SHA512

      b98f290274f5bb98e8c18c9ae0105559d0a98fccca27afbee577c7cdcae12a4600fc2ab0134c98e3c1fd1a2bd03bbe94f606fd38089c77140e05e8b7b955575c

    • SSDEEP

      49152:1KgeR7rW0PiFtA20ilRO+2r9FWjjyakqN5n:AX/W0PiFO20ilU+2OvjkqN5n

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      x86/api-ms-win-core-processthreads-l1-1-1.dll

    • Size

      17KB

    • MD5

      29001f316ccfc800e2246743df9b15b3

    • SHA1

      dc734266648d3463c1f8d88c1ce7d900a4e3b26c

    • SHA256

      e5ea2c21fb225090f7d0db6c6990d67b1558d8e834e86513bc8ba7a43c4e7b36

    • SHA512

      4cffc0c6f94fcd1155909993c622b9103abd7a7bce88742a10abd6a3496a334d667a39bb601f99eb174aa847d7dae056e0d9769754ca86320579b262a20a6599

    • SSDEEP

      384:WRtwDfIe9jWfhWC+Y3DGk8ZpH3GCJErra8o7Q+Y3DGUKn8JN77hhET:ape9A5DGkiRBEXaR70DGa3hqT

    Score
    1/10
    behavioral7

    • Target

      x86/api-ms-win-core-profile-l1-1-0.dll

    • Size

      16KB

    • MD5

      6ee66dca31c5cce57740d677c85b4ce7

    • SHA1

      8969db03f98f9548caf8e2d8c7f2f5cd7071f333

    • SHA256

      d00a0edace14715bf79dbd17b715d8a74a2300f0adb1f3fc137edfb7074c9b0a

    • SHA512

      592e3b6c689a0d6c87079c54c3e13e6ee1fc0c5c770abc854040e85464687c46f0a558be22f8759dbc4a100810386ee379ffe4359cf9091d9afae548bc597be2

    • SSDEEP

      384:WiIWfhWx+Y3DGk8ZpH3GCJErcx3l/r7+Y3DGU78JN77hhC6UHR:doDGkiRBEWV/rxDGT3h06UHR

    Score
    1/10
    behavioral8

    • Target

      x86/api-ms-win-core-rtlsupport-l1-1-0.dll

    • Size

      17KB

    • MD5

      0069fd29263c0dd90314c48bbce852ef

    • SHA1

      dfb99c850a69e67e85f0a0985659f325bd8f84fc

    • SHA256

      d11093fdc1d5c9213b9b2886ce91db3ded17ef8dae1615a8c7ffbc55b8e3f79b

    • SHA512

      71965e8dd2fd81d0c6dba4dbec8d2d1bfd4a644ef6bba4f6027de4bcdf9c07da16f27f2156c21b52e678c75f0a93a4bcbc3e1942f0a73f1eea5ff64b70662f70

    • SSDEEP

      384:WCGeVxWfhWD+Y3DGk8ZpH3GCJErYtN+Y3DGUO8JN77hhTew:3GeVmyDGkiRBEojDGa3h9ew

    Score
    1/10
    behavioral9

    • Target

      x86/api-ms-win-core-string-l1-1-0.dll

    • Size

      17KB

    • MD5

      2e5c29fc652f432b89a1afe187736c4d

    • SHA1

      96f8480b9339411d5d8c94918e983523b1a55c56

    • SHA256

      3807db7acf1b40c797e4d4c14a12c3806346ae56b25e205e600be3e635c18d4f

    • SHA512

      fe1135532e18127f2cfefaaa4a19020d6c790374f648dc93383d58ee52b147d1451af01b8624234bd5d77abe2451eb3e15cbe72a19d283f00cf78c05c43041df

    • SSDEEP

      384:W4yMv9WfhWx+Y3DGk8ZpH3GCJEr4ey/+Y3DGU888JN77hhnY1:DyMvaIDGkiRBEsnDGX3hxY1

    Score
    1/10
    behavioral10

    • Target

      x86/api-ms-win-core-synch-l1-1-0.dll

    • Size

      19KB

    • MD5

      979c67ba244e5328a1a2e588ff748e86

    • SHA1

      4c709ce527550eb7534cb6362afdb3623c98254e

    • SHA256

      8bb38a7a59fbaa792b3d5f34f94580429588c8c592929cbd307afd5579762abc

    • SHA512

      49f3c3319aa462b445c6a0b816e10034f6e5a9cf1250ea30b348cfa1ef71525e9f62e2f13253f61375f51fc574847de0d509cffa95103771be356327d5fef90d

    • SSDEEP

      384:Wjdv3V0dfpkXc0vVaCWfhWt+Y3DGk8ZpH3GCJErHZpn+Y3DGUrUN8JN77hhYl:Wdv3VqpkXc0vVabkDGkiRBEtplDGEUq8

    Score
    1/10
    behavioral11

    • Target

      x86/api-ms-win-core-synch-l1-2-0.dll

    • Size

      17KB

    • MD5

      659e4febc208545a2e23c0c8b881a30d

    • SHA1

      11b890cc05c1e7c95f59eda4bb8ce8bc12b81591

    • SHA256

      9ac63682e03d55a5d18405d336634af080dd0003b565d12a39d6d71aaa989f48

    • SHA512

      010ab6d3971fabd2a956f891b8d9d20ef487e722443b2882a1a329830dc5c80d262e03a844cd3f5c3e4efcfbad72b9e1fbbf7d9dc6cf85ed034d84726946ce07

    • SSDEEP

      384:WHtZ36WfhW8+Y3DGk8ZpH3GCJEFxMDD+Y3DGEC8q8JN77hhFGT:EbDGkiRBEsJDGS13hj+

    Score
    1/10
    behavioral12

    • Target

      x86/api-ms-win-core-sysinfo-l1-1-0.dll

    • Size

      18KB

    • MD5

      cef4b9f680faae322170b961a3421c5b

    • SHA1

      dd89a2d355df989bbd8648789472bfe9c14afcd5

    • SHA256

      1fe918979f1653d63bb713d4716910d192cd09f50017a6ecb4ce026ed6285df9

    • SHA512

      f56617290d4ac25231631d708a6c8b003bdd358bae9672f7dee539a96b292c13e04c65ba5f05937c52f73288eb3dd7cba479ed030942a0d9d3a15512548fa4a9

    • SSDEEP

      384:WBTnWfhWt+Y3DGk8ZpH3GCJEFxqIDh/h+Y3DGER6vJ8JN77hhHWT:0TsIDGkiRBE+IxfDGM6vW3h5WT

    Score
    1/10
    behavioral13

    • Target

      x86/api-ms-win-core-timezone-l1-1-0.dll

    • Size

      17KB

    • MD5

      69df2cce4528c9e38d04a461ba1f992b

    • SHA1

      bb1d0da76cf696acf2e0f4e03e6d63fbad4325aa

    • SHA256

      a108a8f20ded00e742a1f818ef00eb425990b6b24a2bcd060dea4d7f06d3f165

    • SHA512

      4d02eecdda0fffc10d5509830079984c7a887b4ca3a80359aa56117b302dcfa594b0710c9f415c823d1674b5c689d31aade44f21750ccd7d53010e67f0b6f0d2

    • SSDEEP

      384:WGOWfhWc+Y3DGk8ZpH3GCJEFxi+3T7Tu+Y3DGEu8JN77hh2KI:5XDGkiRBEm+uDGQ3h7I

    Score
    1/10
    behavioral14

    • Target

      x86/api-ms-win-core-util-l1-1-0.dll

    • Size

      17KB

    • MD5

      c6553959aecd5bac01c0673cfdf86b68

    • SHA1

      045585659843f7214c79659a88302996bfb480a2

    • SHA256

      68bd9c086d210eb14e78f00988ba88ceaf9056c8f10746ab024990f8512a2296

    • SHA512

      ae8e42a428202d05fea4f1e6a4d3b919b644a792567f876b0fc392b1cddb856547b4c3b433c002fded6df4d4daec8fb7235f30d1ff9f42943d9e2557ade364d6

    • SSDEEP

      384:WyzWWfhW++Y3DGk8ZpH3GCJErst5+Y3DGU1a8JN77hh8T:35DGkiRBEQpDGw3hKT

    Score
    1/10
    behavioral15

    • Target

      x86/api-ms-win-crt-conio-l1-1-0.dll

    • Size

      18KB

    • MD5

      7190cbfad2d7773d3b88ccc25533a651

    • SHA1

      71fe2bacc14b433d51328ea0810c1a030c80d844

    • SHA256

      4aeeae0ac9f6c1b0b8835067ea3b7fc429f353565f18de7858f4ea5d6f72072e

    • SHA512

      b314666c400268bf261c5f9e9966ad0680435241e7a24d85b28ae4405d798b80eedb65ed8db7e8d93df90f886a6719a8b7ace8c25d0429392bc061868890c40c

    • SSDEEP

      384:WL5WfhWO+Y3DGk8ZpH3GCJErBf+Y3DGUCU8JN77hhIw:FVDGkiRBELDGfX3hKw

    Score
    1/10
    behavioral16

    • Target

      x86/api-ms-win-crt-convert-l1-1-0.dll

    • Size

      21KB

    • MD5

      3e415147ccd7c712618868bdd7a200cd

    • SHA1

      b332f29915d846519dcb725d39e8c50604d7b414

    • SHA256

      77b69e829bdc26c7b2474be6b8a2382345b2957e23046897e40992a8157a7ba1

    • SHA512

      7e7e50f148414f8a84b4c39d3c7c1e0952f86f95873f3abc25b7f08574bbcce41394a59451868020b178bf68df12615bd356677e8c935c1185c5d07d15e61896

    • SSDEEP

      384:WluyxWfhWK+Y3DGk8ZpH3GCJEFxkNN0O+Y3DGEhy8JN77hhHL:RhDGkiRBEqDGsd3h9L

    Score
    1/10
    behavioral17

    • Target

      x86/api-ms-win-crt-environment-l1-1-0.dll

    • Size

      17KB

    • MD5

      ad0cbb9978fcf60d9e9ca45de6a28d30

    • SHA1

      65549d9d7ee72de7d0cc356f92ad22eeb8dc18cc

    • SHA256

      6c9c0dc7b36afe07dfb07dd373fc757ff25df4793e6384d7a6021471a474f0b9

    • SHA512

      aaf4919e7629cd0bcf52283d578214043a4bdf6597a7d808dfcecd5fa1ecbd0b1395c60a165c575d20ca42928500815e14837b9e05530a667c6898e14243d64d

    • SSDEEP

      384:WgWfhWx+Y3DGk8ZpH3GCJEFxHiA6+Y3DGEi8JN77hhksg:CsDGkiRBEJeDG03hCD

    Score
    1/10
    behavioral18

    • Target

      x86/api-ms-win-crt-filesystem-l1-1-0.dll

    • Size

      19KB

    • MD5

      14f407d94c77b1b0039ae2c89b07a2ff

    • SHA1

      528b91a8a8611da45463fac0a6bd5c58233f8fbc

    • SHA256

      85b1b189ce9e3c6f4d2efdd4cd82b0807f681bea2d28851caaf545990de99000

    • SHA512

      152b97a656acd984592bf58854222ec97c661f9f8d19557ea03501457fb5a07821f90d332f21b1b51a5bce5ab84f862354b8ee21c7c1f6b7aa1c127f4a73ab5d

    • SSDEEP

      384:Wcq6nWm5CpWfhW++Y3DGk8ZpH3GCJErNi4H+Y3DGUfhd8JN77hhcu:G6nWm5CeBDGkiRBEp5DGk63hqu

    Score
    1/10
    behavioral19

    • Target

      x86/api-ms-win-crt-heap-l1-1-0.dll

    • Size

      18KB

    • MD5

      9c373c00ac3138233bdf1655c7be8e86

    • SHA1

      ee38f868e32950d1b8185249edc6ad4e1bc5592f

    • SHA256

      0166edfb23cfc77519c97862a538a69b5d805d6a17d6e235f46927af5c04b3c9

    • SHA512

      d2f56b3169c1fea1a604523b2215dbad02c6306bd804445b367756f288310554dd049aefd024babc26a3b270b8aede8b10e5ec8d80e772d3d1076b8013491067

    • SSDEEP

      384:WgY3eRWfhWn+Y3DGk8ZpH3GCJErTpTX+Y3DGUm8JN77hhwJ:TGeDGkiRBERTVDGm3hiJ

    Score
    1/10
    behavioral20

    • Target

      x86/api-ms-win-crt-locale-l1-1-0.dll

    • Size

      17KB

    • MD5

      c5d747f96237b6e9aa85c58745d30c80

    • SHA1

      c6ad21597265faf25ea8d7f09577f3e6f4f7be10

    • SHA256

      f16447b5fc7fe6fb8a6699a3cef1b2b8ba92d408579bcc272d3dd76acd801e2a

    • SHA512

      5bcee06d62633ecdfdf5dd1bf92ff9278f535dc5f21bfe36faaca15e378beb4da6be7ba9767569119fbf9f7383ffdb3a4a17c99d5918a64b8e12926ac0ec3140

    • SSDEEP

      384:WVWfhW2+Y3DGk8ZpH3GCJErYIcc+Y3DGUA8JN77hhKdf:JxDGkiRBE44DGk3h09

    Score
    1/10
    behavioral21

    • Target

      x86/api-ms-win-crt-math-l1-1-0.dll

    • Size

      26KB

    • MD5

      bc418a3461c5fdfa1a0d75f7e03d08a7

    • SHA1

      5cfefa62226f117b7e2fe58961269294eb62b84c

    • SHA256

      c7115159babdaa1f52e478e67b4e612da2332fda4e4036999b29425fe303b6e8

    • SHA512

      4c9f3d461a5fc42d829d517ef523423ceb18f6667e6f2d83f1e5cd645a359d32b58ac8652ea734f567ed3b9e2999f358bf0e95bf38265df7abe3fe4b2f5fa978

    • SSDEEP

      384:WXQUbM4Oe59Ckb1hgmLVWfhWC+Y3DGk8ZpH3GCJEr0a6eOq+Y3DGUOe8JN77hhoq:SRMq59Bb1jyRDGkiRBEQeOODGp3hqQ

    Score
    1/10
    behavioral22

    • Target

      x86/api-ms-win-crt-multibyte-l1-1-0.dll

    • Size

      25KB

    • MD5

      9e9c6f83a015029808f5257f7b7e39c6

    • SHA1

      5674192eb60eb152773fe0d50161f32759e2ea0f

    • SHA256

      c6b4e1d903b3cc83bfaffbe4e82eee634cff8f97f12217caa45b464ddc4e1455

    • SHA512

      6e124732646cbe95ef94773d57b08c68a399854f906b14f15996bb12400d5e92b34596c38795a3ba4cdf8db4e8dd5ad486890634951a4686c6679b486ab19cb0

    • SSDEEP

      384:WPy+Kr6aLPmIHJI6/CpG3t2G3t4odXLVWfhWS+Y3DGk8ZpH3GCJErRMOnR+Y3DG3:uZKrZPmIHJI6kVDGkiRBE9nDGa3hYV

    Score
    1/10
    behavioral23

    • Target

      x86/api-ms-win-crt-private-l1-1-0.dll

    • Size

      68KB

    • MD5

      ad8d9a6ea592a6c8a78c67a805cec952

    • SHA1

      3e9f35013044be456f33e300418453ab12c70df8

    • SHA256

      696c10112d8b86a46e5057cbd0bf40728e79c6bb49cda1f2c67fe45d0fc1258d

    • SHA512

      31c1b5717432b67e6b150911747f34e8099c1a0870262bb3b5d3ac5c9e28b3b08e4239bd105408318806f983b3fcd10e617b2385511c46efe9fe58a9cd4a7067

    • SSDEEP

      1536:b/XeuJDe5c4bFe2JyhcvxXWpD7d3334BkZn+P7niDv3hO3:DXeuJDe5c4bFe2JyhcvxXWpD7d3334BD

    Score
    1/10
    behavioral24

    • Target

      x86/api-ms-win-crt-process-l1-1-0.dll

    • Size

      18KB

    • MD5

      66f4e530a19ed2f6862b5ce946437875

    • SHA1

      016bfa4eafb407e43abdcd9582dbca7dcf85d3de

    • SHA256

      542a22540cdb7df46d957a0208d50507916f7c737bea833931239d56ebe8d68c

    • SHA512

      2653b2118f4db250850dcefd3536e0fd2bc55e9774376b51e586658e4e5d79a35cb425ebe0a8391124997e24c8aaa84bac799162a31446ef47db667a4a3f0eb9

    • SSDEEP

      384:W3KAWfhWk+Y3DGk8ZpH3GCJErW25tL+Y3DGURRQ8JN77hhGz:fDDGkiRBEy4BDG43hgz

    Score
    1/10
    behavioral25

    • Target

      x86/chrome_[1MB]_[1].exe

    • Size

      1.9MB

    • MD5

      068cf70414b79cd8bc078497553389ed

    • SHA1

      d9778170404ad0435ab82ebba3fb5515831dd17e

    • SHA256

      c532ffa77b220ac54083dffb2286c526c2873131448e3a37fe29dbee6aa028b4

    • SHA512

      89b69a9c53530605573d7816eb625840404251e9407fa6041492fa5ad21bfe21206f2fa5bb21f4b85017c5a39daabe13f51c615f54ce08fffaeeb5556bdb45ad

    • SSDEEP

      49152:9b8W92V8WpGaPIgI0GW5VuwHDoTZyMB0q7ug52I8:mW08WpNPLGY4wHDoTZyMjSF

    Score
    1/10
    behavioral26behavioral27

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.