lumma | 07f0f19c2ffaf9d7e56c4de26bcd651d5eb4cae64c452b6ceece3e063da29978

Sharing

Copy URL

Twitter E-mail

General

Target

gitsoft_v1.31.7z
Size

7.2MB
Sample

240808-a83z9a1bpg
MD5

b00c1d3fd00fa3993bd08299cf29b951
SHA1

44b81bca2f28e1b03f1f65d7133e86fa4e913a2c
SHA256

07f0f19c2ffaf9d7e56c4de26bcd651d5eb4cae64c452b6ceece3e063da29978
SHA512

c072d02b4e4f17b8b29331fd77c4c7136ab4416054da19f92dab3bb9f9bd487f91b12ba54e09f38cccc727030eb59bbe4240da53530bafe9c7a97b8ce08f1f4c
SSDEEP

196608:FdHXzXNJ5k8flbvWwAJ40kwe52XQ8U9mGRlqA6bj:vXBJh143e52AbbqJ

Score

10^/10

Malware Config

Extracted

Family

lumma

https://celebratioopz.shop/api

https://writerospzm.shop/api

https://deallerospfosu.shop/api

https://bassizcellskz.shop/api

https://mennyudosirso.shop/api

https://languagedscie.shop/api

https://complaintsipzzx.shop/api

https://quialitsuzoxm.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  gitsoft_v1.31.7z
- Size
  
  7.2MB
- MD5
  
  b00c1d3fd00fa3993bd08299cf29b951
- SHA1
  
  44b81bca2f28e1b03f1f65d7133e86fa4e913a2c
- SHA256
  
  07f0f19c2ffaf9d7e56c4de26bcd651d5eb4cae64c452b6ceece3e063da29978
- SHA512
  
  c072d02b4e4f17b8b29331fd77c4c7136ab4416054da19f92dab3bb9f9bd487f91b12ba54e09f38cccc727030eb59bbe4240da53530bafe9c7a97b8ce08f1f4c
- SSDEEP
  
  196608:FdHXzXNJ5k8flbvWwAJ40kwe52XQ8U9mGRlqA6bj:vXBJh143e52AbbqJ
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  README.txt
- Size
  
  1KB
- MD5
  
  04bc703c9ecbeed293adf5708d484bee
- SHA1
  
  ab4ff2614ffb89ee314ee8e86ddda61ba1996ba4
- SHA256
  
  ebf8587ce79ba4cf12bc9673528f3dfe9b5b9460b9521eb6787b71b25e2bcdd0
- SHA512
  
  c28c496eb78256bf91d34dbe62e45757a88427b268db45a0c0e027330c0d2cefae72ff2b2620eb2f32b713acc4459a052e4eddffb9cc7a47cc479edf7f81b0e3
Score

1^/10
behavioral3 behavioral4
- Target
  
  Setup_v1.31.exe
- Size
  
  24.8MB
- MD5
  
  03663b9afb57ce9ffc1aae9fd882054e
- SHA1
  
  356ce09526cb48e7eec4fe7928dec57fdfd93352
- SHA256
  
  1cc1c7d234dffa6d531d41db847baa50faee66d673f2bf43fb27ebab3e9ed8cc
- SHA512
  
  f1d99a65724aa4ed31dc312ed784737f48d4cae443f8046d13c492cc6dc06c5f0eae1cc89231c63a70b4f202790bf2a656a88346662c13fdf68e6566bb578d35
- SSDEEP
  
  98304:RB8JtamT3nuqknLK6h0YOQn7sBKZ/xMTOEmCIe8pw153XmaTdE5dY0qGCE:qHpknLKy0YOq7sC/IrmCIe8UmlAL
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral5 behavioral6
- Target
  
  libs_github/lib/flummer.xml
- Size
  
  937B
- MD5
  
  0fdc30d86d1173a49e2fd26ed4cf92c1
- SHA1
  
  0c74b4d0d33e8f69d2dbad9b7307c7850aa723cf
- SHA256
  
  d9ea1fadcce692089ad9d2b9d70515ed943f3f0903e9577003f9f431d54d26b5
- SHA512
  
  d262e744cd2d77e0c97cf33cba6dba613f55aced555c0c5750e610ea654a81c6fcc1c2a689104f1681cc6f3f904ea83183c7460d2ec3c32e303ed30accc3d423
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  libs_github/lib/garryaUnpaint.xml
- Size
  
  200B
- MD5
  
  3f77e98a274b2b257818ce52faa3b5c0
- SHA1
  
  55fd030b0a342d55ddbd7ffd1301635657d777e0
- SHA256
  
  5795bc0cede03dfc1da1a08abe4770be1725f033d5acfc3b4150e330796d489d
- SHA512
  
  19e0d49f19be3b7957b2d3c54046978fcd61ebeb8b913b8d911b6cb24bdea76ee569a8c2c92c76326d53c48b619e00fb50ed12e3d9f8fbfcc6ffc7e3b49ca2a1
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  libs_github/lib/jinnyPlonkoAxmaker.xml
- Size
  
  12KB
- MD5
  
  e786062575b51daf6f62176b04f17e59
- SHA1
  
  bb4ec35516695d6e3e46394a82404c279163c2a0
- SHA256
  
  07412ae8ed5bb6724421ad1b92a9728c2fb4e1997648d38f277d63825ec99983
- SHA512
  
  76e9311040c8cc301fc91b47436bd06dce27a24b6ccd0cdb5300d252e5ea9ce9421c1e131e9d7a9596f852a99b3512d58e09d6ad382c9cd10654ea9a3bd798b5
- SSDEEP
  
  192:eXNkTUIY9f0tjlIwATtuWJOSiaDz59fgPtEfdYH13Zen5eBQYn8mDkiyh1T:uIW0tjlLibgSiaRO6Fv5eBQC3kxh1T
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  libs_github/lib/lapel.xml
- Size
  
  2KB
- MD5
  
  fd1d10ba01c1d63443210c7a3ba02104
- SHA1
  
  d906d99c71439e641e954b243f81307b3ead6021
- SHA256
  
  9a9b3d0c86862b4e0bd98e09ececedc188d5662c44ffa1344143a7a6b994bb2a
- SHA512
  
  e370899a66a7c47462d959718841212a78bd4a17efaa722b510a6f9e823dbcb97d88c06d454f07e0326868ae560139acd2d2e5c2541605edea3365fcba49b0f4
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  libs_github/lib/luvianMellows/bedsockBogiePlebby.xml
- Size
  
  563B
- MD5
  
  60a597980983ea417216a0b9bb105a67
- SHA1
  
  7bfd015ffd5ab93d7286d3f15c5b0d1426f1b7a6
- SHA256
  
  7f17a4d317af838194e2509286d4ed6b53b1cceae383526b3df88f9c8713bde5
- SHA512
  
  4b24a3b5aabc18efcb4cf3e8d41c4f64b30a6850368c2efa7d000a679783253e48548ccb3298d13766ffe7434a99fcb0e2b94bc08dd8857604d8e70b31787a95
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  libs_github/lib/luvianMellows/ceriumPunkestAstride/botonyEsquire.xml
- Size
  
  13KB
- MD5
  
  188674de6ab74192dc846f0871be1ade
- SHA1
  
  71d6ecbb4a5864eac5abbfaeaf344743a02774e9
- SHA256
  
  1d1ddba1251ebc53c582f10ab681fb206ab3d22cc747a980756e34da4631caa5
- SHA512
  
  6ed94af480bd55c38f725cad6e64f37b5c68b46521bb577203d3d06e4f3ffb23b7a9d993618fcfb56762b82169a41d935ca09905a84177d726b3576e3e89e4e5
- SSDEEP
  
  192:XiTYovs4OTsmJEWfK4R1TybXYxue69dsi9AVgB45FEU0U8cjRb5VN80KrZVNNmeW:XicoYPK8AoxupnsnVbMIRlVlKafgsICd
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  libs_github/lib/luvianMellows/ceriumPunkestAstride/cotwin.xml
- Size
  
  13KB
- MD5
  
  53be45cec42e9aa75e19d01578996dc3
- SHA1
  
  17d7d91e1dc9d697b4d3c33317a79e7423f7bdd4
- SHA256
  
  74babb20d5690a41dcf59d015f9144abe8716e11f5f5c4f3c4c2acce9d3471bf
- SHA512
  
  56e1562620c626c8a5040c1061364d2dd7c5e9f32957c5cc721d24e5e6d45065b40f814b21d05a96372866732a6063ac87fc25ec8e872f276d0a0abf834e7d84
- SSDEEP
  
  384:HZNeCf7DJwdCMg81UVZCM5+tUbY62J7kx59cN:v3PH9/M62J7IM
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  libs_github/lib/luvianMellows/ceriumPunkestAstride/guckiAworry.xml
- Size
  
  11KB
- MD5
  
  091e59879f15dcfd631f9aa3c75e0055
- SHA1
  
  ed34e42887cb1feaae8f5e79b06b0e0ed9ac3a5a
- SHA256
  
  146e82787b8ee0388818bc735c79aa66bce108bd029cbaf674121d555dd7f5c1
- SHA512
  
  c19fd874017c5c40d91c641168c5dbe7a0089898fa9008e83bddcc58eb8b3d9c27b1a51b51520b82e2e9a8b525dd249d8829d5e68b0bbe3c3e47d3fa1d5b36a7
- SSDEEP
  
  192:BBD8rv3L/y4d5EASZWzRD481m1XRtbqnp79wJbRV0HazPMaElMJJKGktWVHjdRPW:78FEYzV48kX3bqp79Q4akibVk8RdRzqf
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  libs_github/lib/luvianMellows/ceriumPunkestAstride/trimersStylite.xml
- Size
  
  21KB
- MD5
  
  63bb83a40da4e8586307efa07a3760dc
- SHA1
  
  4e1b0b9675520bee24a702188d68749f10affb85
- SHA256
  
  7b39b2954f50f360e0554c7c13f149e34a2d01538ea4739b3a4cb3e9e8831c73
- SHA512
  
  d1f7a96cc9e49c35763391b627b931c5907fd1072a85fc7e065da528aecab10fe6355b2ff3446160ec4d5389ecc86ab1ebbda7fbccf1e3707c6f795d41a77336
- SSDEEP
  
  384:ya1uuO6BkSfo93ddpIvSbIDj6M4ypKPtM/BTZjW5ZApxk201i3:yaouO6Po93iSbzuKlMJN6KxCo
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  libs_github/lib/luvianMellows/ictuateStrae.xml
- Size
  
  3KB
- MD5
  
  fa31b90eaeb163edcd95732e209e1832
- SHA1
  
  13afdb239721e584010bfecc49090ad763aa8abc
- SHA256
  
  b5cb3deb466cee30e55d0100eae4711df848052d46ac2ffdb3b7cf009fd6489f
- SHA512
  
  34c018cd374c125496d9294e31b4a06ff91dc8d73c6e5a40ecb217ac445cd20af6c3286e75df5033312375f4a2e627723ef7990ac3d9563893e25c28e3066be4
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  libs_github/lib/luvianMellows/travFangy/daimenBruneGuff.xml
- Size
  
  1KB
- MD5
  
  20d57e57d65661eb91362300bf6d4afb
- SHA1
  
  8431b85f9cdd958f3b4e260bfda74696d5ac0391
- SHA256
  
  9cefd2fca77cef3ea009052a3acf1e45a00637e67ed3042ace492145d2fd5307
- SHA512
  
  b5aed7702217b19f3e04ee77903a54287389c21259e273ba6381d8477c5ffae8d57ec8589e14735dbc8abcc40e5c6b8fcdebf973a61b8a2189ecdf572850b72d
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  libs_github/lib/luvianMellows/travFangy/ovology.xml
- Size
  
  13KB
- MD5
  
  a5728af0070bfdb86109567055a8638e
- SHA1
  
  312482b3ba3a0171ca179db7748632941be4bb53
- SHA256
  
  07abc51485b36e2d367304672538b45b5dcc62256744ceadb940eb02414dabc0
- SHA512
  
  184d5a29165a9931e2e8f7a17feb4d83f80f2f46c705147914a020a6217a2decb6a136c428a401befcd9adee51bca5c1e4024b6c6bf7892ab4204abcf9192687
- SSDEEP
  
  192:dhwYN43Z/7FnZD0svyIismF05b/9KBCJolcxeJgze0WnFz3kTxkMGHfVuLeDswuV:P43ZMkyIilF0zN+ll6TW+wHf4q4jkW
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  libs_github/lib/luvianMellows/travFangy/upbyCutlers.xml
- Size
  
  6KB
- MD5
  
  ec644da428cd25c4f3b9b860a42813a5
- SHA1
  
  6c7bd6d45496432e24857cb52e8d213bf7c074b0
- SHA256
  
  ea94c11a9bba0983bc4e1d998609b1a9a58e1400d7e72880b6a60b3341b4c7be
- SHA512
  
  a4ce6d7854447811f3e5fb9ab66bc4e8a09c94b31197a0dc64e2d3548c8236b5c2acf5e2dfd5838b63ce624fe104382d73d9d4cd3dba814c5cca95ca56075598
- SSDEEP
  
  96:jQUvV+IzOEH83U+InETO4p7Bh/FkCH7mLSxGbO+N4B7r0pF75kdnRWz9:dV+Ijjup7bk6590pF74g5
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32