lumma | 3d870830fd73b5ba4a66670ba22fc44d2f574c2061ff34370f7f0f3c2aa84054

Sharing

Copy URL

Twitter E-mail

General

Target

@Se-tUp_2244_Pa$$W0rdss!.rar
Size

28.2MB
Sample

240914-vtepbsvgnq
MD5

b0d5fb11b4d322156b13a8bacb26f96f
SHA1

4b67bb15afe39f45914e4b7b9309f566a67782f6
SHA256

3d870830fd73b5ba4a66670ba22fc44d2f574c2061ff34370f7f0f3c2aa84054
SHA512

2a7e1bc5d05dd0eece97e6b65f409e53d18af5ec44ac1fa463a9c85a2f143e6122ecaa2091f9c7dd0ab089091980d922a85e6e062fe7166cb6f241310f81a71d
SSDEEP

786432:0rlt26VTADDcob2S1G5I0iut+R1Z65/nBbMyz0rPQVTADDcAVTADDcK:ecWZHSc59iuMRLY/Bwyz0IZsZK

Score

10^/10

Malware Config

Extracted

Family

lumma

https://managgerowkso.shop/api

https://complainnykso.shop/api

https://basedsymsotp.shop/api

https://charistmatwio.shop/api

https://grassemenwji.shop/api

https://stitchmiscpaew.shop/api

https://commisionipwn.shop/api

Targets

- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/Setup.exe
- Size
  
  1.1MB
- MD5
  
  c047ae13fc1e25bc494b17ca10aa179e
- SHA1
  
  e293c7815c0eb8fbc44d60a3e9b27bd91b44b522
- SHA256
  
  6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf
- SHA512
  
  0cfb96d23b043bcb954cc307f85e5bbc349c0c8a0c6eaa335ea9a8fa19ce65b047f30ed0049562d40880400d4f70e3bb28975d6970f3ae4af6da1ba06e36d48c
- SSDEEP
  
  12288:a9hZPq27B7+x3dPC4gvgdVwTzDxsVyY4YoUwpf5kpRG6xsfJAYo2R0B5YD5sW91A:STS27B7+x3E4tdS/Dxkd4YoDfZ90gLS
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/WebView2Loader.dll
- Size
  
  147KB
- MD5
  
  bc9f2fe3cca36588971b645fc22a29c3
- SHA1
  
  567f1fffeb7c5717a5d399275bba72c4ec0b2c35
- SHA256
  
  c6d0e9109b01cf82970d6c513e29cf4c5c445a1e0634b85a8f0911943df313ff
- SHA512
  
  7b89eb09fb8ec963174fe2adb7f865d342cdc68e5922edf7e7027065800b083300d8ef1e464ec5566e5287c602e534cc0b1fa2c5f6c27304fcf59508e9b5c21a
- SSDEEP
  
  3072:Ar0Caj+5UXzjUPcGE91jkXmxyu1A14mRgD8SjjTIJEtcuVux4W2rbzQrZ:Asy6jjUPBE9dGvW9mRNEtc+FDD
Score

1^/10
behavioral3 behavioral4
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/Templates/TemplateCorreoCliente.htm
- Size
  
  2KB
- MD5
  
  ce4c1f3ba9e690c4119e8ed39aa8eb78
- SHA1
  
  dc2da00c92b51431c01c5e598de4665c9989e856
- SHA256
  
  e17621dc67919e53a0d1be6a03fa0d97f01c8932f8d8912d556327e620310432
- SHA512
  
  daf95e6329b060fe230096fc7a594cf0a13801e2dcf9869affa5530a2d03bf6c0dd2d9340be5c312b82d41dad48057f86811a23b23fba93b0dc9a478986ac4ef
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.BootstrapIcons.dll
- Size
  
  2.1MB
- MD5
  
  8a999c6c4b38e3afef0b54cbd84180c6
- SHA1
  
  991b865b6dca9ead7d47dfb22faf584fea276044
- SHA256
  
  73e67b8a6607064c314b0a5d72def055ae0599beae1e7073d7a10626543d7fd0
- SHA512
  
  030fcb028335a62ea7c05053835c09016643bc2a941537a7a3dd97913cbc7f6c501e6ad3fb24fda4064d5ed08ed59702d911d7c9aa3f840e12e6db843464236d
- SSDEEP
  
  6144:CTuzE29sK1y7RQNsMse5AV54EFdxtkYVBQoahtxDfzjADAW4vBM9jd2e+pT9IaRr:4uzEBA
Score

1^/10
behavioral7 behavioral8
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.BoxIcons.dll
- Size
  
  2.0MB
- MD5
  
  c01837735db98ade25e996c8fec33bf6
- SHA1
  
  626cc39c077942f70b72795e999a14d8729a7298
- SHA256
  
  7b28873c6b729262f6f02ff2da46ca4aeaebcf3799eabd460bfbbf4a0fcf01ca
- SHA512
  
  6bce692e3bc1304b518a9b47244af4e689ab81362906c3cebf732db0eced533bbf5c9f3a779614f6b258e087b7cbe762a37a68373b4749f7c30ec330984a6f05
- SSDEEP
  
  12288:NbuZ0HSkOZo/IMCPY3sgUVhv9Rhz4iamcXw9320uVBi0KwxWjYyF:o
Score

1^/10
behavioral10 behavioral9
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Codicons.dll
- Size
  
  559KB
- MD5
  
  7f92130abd27092c78a3e075334bb75e
- SHA1
  
  14f0cf7594d998d35762e7ada89143601b222613
- SHA256
  
  a22950cc45540743ac0feae232c4cffeb25baa54ac3604765907e849ddad25ec
- SHA512
  
  68e23a47a5700dd84ab6b602842d723056cc26db12a7d70336da4c5ee0372cd95883da7232a2527fea21669f82fc1a44afb647b6bf25084dd78174e25ed724f0
- SSDEEP
  
  6144:2tdYnKgBzqqrTzWBzqqrUzQ7M1L1MyzpmeJ4O:26O
Score

1^/10
behavioral11 behavioral12
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Coolicons.dll
- Size
  
  451KB
- MD5
  
  14f3f599e7a67c95d779820dba5a9fff
- SHA1
  
  b88ea6caa09ecf11d2e6dbae039ab0734a823345
- SHA256
  
  213956439f1d224be2f78ae9a345e2c02902750cd83a4a0439234afe801e75e5
- SHA512
  
  e295ab8f8d90208f6a41320868d73a225a12bedc15591f2a19103a659fb437016ebded0c8fd62c61db3a8dadaafb07565cb76a51fd4113acd20cd568e36807a2
- SSDEEP
  
  6144:Psu6HHHYtONor0Gw90Lx5FkbrawYhhGqlQz08aWFe/HD6TYm5oE3e3FsPgiu9g3z:P1774BfdWECoBmW
Score

1^/10
behavioral13 behavioral14
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Core.dll
- Size
  
  19KB
- MD5
  
  b705c478c096ef8ea4fc0738d52d1c84
- SHA1
  
  44ec80a1259df99ac06cc342b03ca0fb9db22faf
- SHA256
  
  b6156814d7014a38587991b19eec9228439bc0b2558cfa9bedb4e72ac611fccb
- SHA512
  
  f212cde6c87920b3ee6e588c473987646c3f6ddca4b2122dd876ff61815dc7dccbbcb469024fd50cb0f3e1829643859e3eec4c8a91442056624c6f5922344b35
- SSDEEP
  
  384:feCnIM4AZxFYzXKZHqwAodV5rroIYJFzcQ8tFq3qs6jUasojg4APsTTlj5a6wIYU:feu4RIDfov4bFyUjUnWsKGVD6
Score

1^/10
behavioral15 behavioral16
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Entypo.dll
- Size
  
  490KB
- MD5
  
  60aaa132d1992d132f7fbaef8cd0ccb3
- SHA1
  
  6f7d9226d195efed993cae4a2ea447e125ce1d23
- SHA256
  
  1017345eeae7e6df2b894c36ebad15f469474ca612749c9e1865126175c74364
- SHA512
  
  1e82f82144674cf5591a1ead06f8d37b5dad11f16114c70664cd2891f6b32ef23ae543e34320105407e57d48543faa2286a8d8ff21dfa7076be3c18808d3a3ea
- SSDEEP
  
  6144:5bworP4b71rPwhET9FDsBGZfiqJMUlOv5CuwVpKex7byEZAzftaDi/KAFwrSmfLM:9wKRLLKACX2m
Score

1^/10
behavioral17 behavioral18
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.EvaIcons.dll
- Size
  
  416KB
- MD5
  
  721f37645c32653200b06969419344b2
- SHA1
  
  ba5a3868632e98adef61c7a2999e726881eca4a7
- SHA256
  
  14d31cdf80fab1df0f874e4f8d8090b5393b6ffac6cd86dfb5c71dd8f62f4e93
- SHA512
  
  f3d8375d2df69fce7e4dbff68295281a94cdce9de86ef52aa951c7d2ff8cad48777a76192d6a20f0b804b307d48914f66fcff7bc25da2ab946de456079db59db
- SSDEEP
  
  3072:esRQOZCZi9zOr8G2OIC5kXgRXgFmrUjwD:/RQwLbmW+
Score

1^/10
behavioral19 behavioral20
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.FeatherIcons.dll
- Size
  
  106KB
- MD5
  
  0cb966a395147c28dd9abf5482ae64fc
- SHA1
  
  81a657e20670a8cb120270047cae1f552ba40100
- SHA256
  
  fa81d23b3ebf44d72897d673dfd750ae764de32d8d05888e77d80018e041156b
- SHA512
  
  e58f13389f8e229ad44625320948f8fe1cbf469980c8774c1f8ecd4228edd8039af3e361ccec91ae011460801169eb85e8aa1eebe2be2282cb8b6d7944c36f2f
- SSDEEP
  
  3072:7QVRLunLLLaDLQv4xLi/CLU9d+AHXkusnqyKM/6dNzj23T2rB6ibsKwGv6mBhZQ:AikuVdNzj23Vmbe
Score

1^/10
behavioral21 behavioral22
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.FileIcons.dll
- Size
  
  2.5MB
- MD5
  
  7505de114074730c17bfdca7e7c5657d
- SHA1
  
  72285ce3d75c803a4f2cb7244dbc5f6ea6b6e7c2
- SHA256
  
  6b876cc6e22e1bb6a9a7bc862c043aa49926760714a6d92122e436b561a659cb
- SHA512
  
  10cf63aa781d948b07d4bfb02fc66c5b72328d9fb9f8e6d4b5816c54851777f8e276b196693b17a14998f21387cdd030fd2bda067c0547fca366e651397cd65a
- SSDEEP
  
  12288:Z88jUgEwEUkTS0B2gO32lSYGVHfkbuBzNl6iK4LbBzuqbBuQ0bCLf7PQGI0iFzmk:jhxyU
Score

1^/10
behavioral23 behavioral24
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.FontAwesome.dll
- Size
  
  2.3MB
- MD5
  
  5214c8c29b814c62a89424429933d78e
- SHA1
  
  ae62844a871389cfa1f36152621d896286f67872
- SHA256
  
  dbf78865859b0776df2458aa7f490d66e1b54104873063e99f4b9a4d9d59accc
- SHA512
  
  bbb9a7ecbb95170a409b31a73ecb875938bf8ba29d5b470764208b9d6a41f447d23958f907d1a871218567186e78f4175ebd2a08112e26c1c8c99af29c8dc535
- SSDEEP
  
  24576:fojPJMpMIU11zYHfa//KM6sA/lUPKHMhY+4Pv6P/Mzk6A/MBn/MBY6k94PEeB7Bc:fojPJMu
Score

1^/10
behavioral25 behavioral26
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Fontaudio.dll
- Size
  
  398KB
- MD5
  
  086160aa7449ea0d3c89393289d6cf3c
- SHA1
  
  f0fd895ced7e9c2c96943754bebd66fefe6f9595
- SHA256
  
  8d6da96f5612060f6ebdd76874c5dc52528665664f148d290697bf12cf884c3d
- SHA512
  
  85a4472f1b7b49a2512a5ac046fc7c6f501f4ded12671b94f02dbe424146852160c4aa19254aee6fc435e2ecb3547378ff2d484d00f9f882e79399a1470d303a
- SSDEEP
  
  3072:4KbKfVf+WDio/2G8K0b1+oxzsf+RSyXQfKZsyQQv0VndywQImZXZsU2ynIySoAYk:72ioilfc5dywHmZJt2SSCOROSJPmlu
Score

1^/10
behavioral27 behavioral28
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.Fontisto.dll
- Size
  
  2.7MB
- MD5
  
  3e3f7e5dec93557b5c00e750b008dc23
- SHA1
  
  bf0fa3e913e15c2090caa238361094029d3e1de2
- SHA256
  
  98fdfd6e8fabd67e9af84453f4942333002d809f45184b04db04060d61dc40ba
- SHA512
  
  331f867a0fdc51bfd8506c4d70f6cb867c90b122632e4392a59b0321fb8f51b4d840540f7029f30bef87bc72e92b51031ff9c522670082ebe97001bb6091ff5d
- SSDEEP
  
  12288:0KlPHWdRGyp9TZhvbfN8Meppp/z5RTl215hG9g7wJDZNsJ6TmGpkNOFEIH7/deH5:0Klz77FG
Score

1^/10
behavioral29 behavioral30
- Target
  
  @Se-tUp_2244_Pa$$W0rdss!/x64/plugins/MahApps.Metro.IconPacks.ForkAwesome.dll
- Size
  
  1.0MB
- MD5
  
  afd3000ebb93066adf25e1cbb1a8cea2
- SHA1
  
  f60cae59ceb4a91293fd5f0b976b3b518344465b
- SHA256
  
  4c245aad2d0b737bd71bbed74f13e680761f555f34d68a71a952b36e1b6c07fd
- SHA512
  
  87c985c2b6f692af978829bb5004550531f5f2bbe0b33e670b4923b6b1ce87b67cbc0f8497285c740e81fe3975219f7f748da3aab478867868441dbf43f9ce2f
- SSDEEP
  
  12288:z6+zsd+TlD2jsdXbjc7DeCmLp5M2YQeB1gOR95CYF323Jd3vrW27M:F
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Executes dropped EXE

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32