lumma | 4bfd1018ecf71133935bcc51db87d2a65a8ba866d0cf5dff2c75a7e6339b9a51 | Triage

Sharing

General

Target

4bfd1018ecf71133935bcc51db87d2a65a8ba866d0cf5dff2c75a7e6339b9a51.zip
Size

2.8MB
Sample

241002-bmkr8azcqp
MD5

fda0ee00772faf3858b7fd7fbbd3e80d
SHA1

dd98f74be2a01b7b8c2a3a6e7c413134d2de9902
SHA256

4bfd1018ecf71133935bcc51db87d2a65a8ba866d0cf5dff2c75a7e6339b9a51
SHA512

57c4f6fece9be41a5992463b2995e871bf3d3bc15402a71a4322a7f54dfce43907da55873c114cb49fae4bdb1383b96680b9a1c5bf8fb8b04a147a248dfd9956
SSDEEP

49152:PQ3MkxEiF6mPkQ5geYmTcCERW7Z7Rpusl0yVKTuXrrpy3mqZoupH:PQ3Mkx6ecetp7R8WxemKpH

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://trenndylicensei.shop/api

Extracted

Family

lumma

C2

https://trenndylicensei.shop/api

https://gravvitywio.store/api

Targets

- Target
  
  Setup.exe
- Size
  
  966KB
- MD5
  
  e634616d3b445fc1cd55ee79cf5326ea
- SHA1
  
  ca27a368d87bc776884322ca996f3b24e20645f4
- SHA256
  
  1fcd04fe1a3d519c7d585216b414cd947d16997d77d81a2892821f588c630937
- SHA512
  
  7d491c0a97ce60e22238a1a3530f45fbb3c82377b400d7986db09eccad05c9c22fb5daa2b4781882f870ab088326e5f6156613124caa67b54601cbad8f66aa90
- SSDEEP
  
  24576:we3xAibB85Z1HrWtB8z1L1OTJu5zzz3zzzozzz3zzzSZ:HxAibBEZ1LWtBzQrZ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  libvlc.dll
- Size
  
  186KB
- MD5
  
  4b262612db64f26ea1168ca569811110
- SHA1
  
  8e59964d1302a3109513cd4fd22c1f313e79654c
- SHA256
  
  a9340c99206f3388153d85df4ca94d33b28c60879406cc10ff1fd10eae16523f
- SHA512
  
  9902e64eb1e5ed4c67f4b7e523b41bde4535148c6be20db5f386a1da74533ca575383f1b3154f5985e379df9e1e164b6bda25a66504edcfaa57d40b04fc658c7
- SSDEEP
  
  3072:f3jr3xal+e5Wz5+xCwcNohCMYMUyNUjqsbJLyLM5xjxN:f3jFe5WYYwRj4yNMqSLyLS
Score

1^/10
behavioral3 behavioral4
- Target
  
  libvlccore.dll
- Size
  
  2.7MB
- MD5
  
  dbb051c150d9526ff692b001a935c915
- SHA1
  
  cfc4b322ae84ae5766627acc184c8166a8e62a4f
- SHA256
  
  9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c
- SHA512
  
  9e83eefb22d4ca050aac49b2fd25d5ab1bcc3ebca842a10c1ef8e68bde1aa69fdfc6581f5fb99a1eaccab570929fbef827c7b6b381ab2c8c4bb41c2eed062c85
- SSDEEP
  
  49152:JA9qEelmNGJRcsADizpXtBOyABAUZLY6sEZGaXBuQQ9ey9:Qq8fWABAUZL3A
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6