lumma | 78b12a9c031afe246c42a4ba332f5189db32cd388853b607927f7ab2b99e4eb3 | Triage

Sharing

General

Target

Satup___Here.zip
Size

2.7MB
Sample

240903-r4qb2azclk
MD5

46d2cf73ad32b7f4b7664129fe034dc2
SHA1

1be6320f0b21bb40fef58716a9fd6b819db5a968
SHA256

78b12a9c031afe246c42a4ba332f5189db32cd388853b607927f7ab2b99e4eb3
SHA512

37117e093ba45738692e3d5e870a9252f24347eb24c7d3f5ce99736e2f941c503206df26843056c3cf1d25ea91d4a08e075638c8ca8348c9a4b6936eba659dbf
SSDEEP

49152:d4zd+FK5fjaoaZxQIPLtrSTXErlov9Ge37OCCTC4dWf/HGF:KoK5fjqNryXVVGer2TLdwHQ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://bassicnuadnwi.shop/api

https://locatedblsoqp.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  1.6MB
- MD5
  
  ec539c4a9c60b3690fbd891e19333362
- SHA1
  
  7cd141b72d9c6701c27f939b790624ebe04668fd
- SHA256
  
  1d60149ce640f4e07bceeb8940950441025277f1eba4f501f8afe558030b34fe
- SHA512
  
  b6a3496e7b6f7aed5dcc7e0bb3fe903d2c231ff5470bbedd37e8bea83b1951dc835f32ac6508dea8b561bfd6354e7741227a42eb49fc0575ce64e12b494c00c1
- SSDEEP
  
  24576:Iz2WcNmHWLyc6+QrRIVkQirZieVPpd27K8mBWSjTUvJ2Npi8TofJ8jH3cT:RNmHyyc63YwQcTjT02NPTofJWXcT
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  datastate.dll
- Size
  
  75KB
- MD5
  
  28f0ccf746f952f94ff434ca989b7814
- SHA1
  
  506e85d2de6377492d90b98aa20663b0ff3ce32a
- SHA256
  
  6010e2147a0f51a7bfa2f942a5a9eaad9a294f463f717963b486ed3f53d305c2
- SHA512
  
  b74ebb9a12079caf7bc074bb977ee94dc6ffcae845c1120026f384953fe2499d4bb0cdb7b6dcb2ff7f37e8135db06048815cc13d1837235eb11fe86e3c4572ee
- SSDEEP
  
  768:BdPmXHrMcRkZrVlqE6BI6TalNPzrrSRTy3IXGX8prYXDRMMUKkVp4VdEhahE:r+XrMzriE6BorrJIXJpCRM7fVp4c
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  sqlite3.dll
- Size
  
  889KB
- MD5
  
  139bc72a6045bd3761a701a2c8838481
- SHA1
  
  0702747c24b0f2637c6b09be7ccb91fda9ed1584
- SHA256
  
  b85a947025c582ca37a9c207a90b2efa8e0cb46557a258838e64451180821499
- SHA512
  
  53a69eda5b122bc31a20bd270ed80ca58fbde8c2fd9331dbe21d7943e5e5acc9b7dac651c42dbc0729e32c3a8eb465508a7b00c26c305724e804409c2709361d
- SSDEEP
  
  24576:X/xNAQB74x0FwTuis6eCwjH+SWAhzf/A/:XE+syis/LjH+S5hs
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6