lumma | b88eba51614aaa61dcfbfab6fd7e7a9253a67e9bb6f6c6c830c0935f1998128b

Sharing

Copy URL Twitter E-mail

General

Target

[email protected]
Size

17.7MB
Sample

241013-w9gz3awdnj
MD5

5a26818bef76916f6abcd8be8eef5615
SHA1

a60135f07772729a22938b590d74fd50be3f97d2
SHA256

b88eba51614aaa61dcfbfab6fd7e7a9253a67e9bb6f6c6c830c0935f1998128b
SHA512

28f4aeb73c21fabc7e2b09027c62aafccc36ce7f8b3380cef1f588a1d9c66c60731c57cddbe1e08d92edaa797ee976794f792665b5a53a29c416647943fdd2f6
SSDEEP

393216:gieTDO56GwRYN1XxcHYMCd6jVDy8bjlktIYPYkJIyATBAPsha9xz4:le+9n3XxoDCdehAIiJkAPs8jE

Score

10^/10

Malware Config

Extracted

Family

lumma

https://drawwyobstacw.sbs

https://condifendteu.sbs

https://ehticsprocw.sbs

https://vennurviot.sbs

https://resinedyw.sbs

https://enlargkiw.sbs

https://allocatinow.sbs

https://mathcucom.sbs

https://proclaimykn.buzz

Targets

- Target
  
  [email protected]
- Size
  
  781.6MB
- MD5
  
  30bc106a7a64edbbecabc7ec25a7eeb0
- SHA1
  
  7d5cdae23d30593cd395d5d83cc234fb128fd7c8
- SHA256
  
  380900fee200269329d9c0ea97f9ce596a6e3c38d18e74ee2c03b02baae747a8
- SHA512
  
  b46c9e29691f7f5e107c56168a1408f1d97da27a18e858026ab89a69f42bebbcfe8e2c433f69feb8a6b5ceb7ed3321c831168fedc1c55beb5a62ab0edbf4c395
- SSDEEP
  
  196608:JUHy0s8us92Lqh/nsXy2BLojRKpYLZC+tVo559fwwrkVtKW2t3D1RSW:x8u02iz2horLZCwa5ZwwrUT2FD1RSW
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  L@unnchsr/AltoPlugIns.dll
- Size
  
  11KB
- MD5
  
  15f1f30390db731b0c811fefa5c59960
- SHA1
  
  39fc10a36039d78d3d4bad1f7af942281190d821
- SHA256
  
  45164502f1400a29e7d283df78abf6be095ca2bf1c4f0045a1389a411f241eb8
- SHA512
  
  dcb9624b48c64c9978879313dfe6bc6a9ca1ef8a9b9cfadde07bc2807511f7015ca48742a80c6f955ca93198d8242ee7b60d6909992816277a3b01e6a1bc0ae1
- SSDEEP
  
  192:v/Jl2x3v1QuylC9UYc0g7DWJ3NcsvZ7RHPRAT+inY:v/Jl2xf1QuylCTrJ9vh7RHP2T+D
Score

1^/10
behavioral3 behavioral4
- Target
  
  L@unnchsr/Microsoft.WindowsAPICodePack.dll
- Size
  
  103KB
- MD5
  
  56e013e924822c9d02329b15b03ede73
- SHA1
  
  085dacfcd1ffa398b795d096833d16367b0d2886
- SHA256
  
  7b88388b8367f0d873d0e3b66f533869c24e346fb6f0b2c6c783f931cc9a1631
- SHA512
  
  ea0020ee32e0c7e7323f5858a462bf762f65013509012147430f0d8f665eb86f534d2491ca9f737c15bf6f995a8d3e0172537129a0dc8628cf7bf0d0f48457d1
- SSDEEP
  
  3072:YfBa6TWUNuRhicznzcSZRazyDG43vjyMcnFliz:dUNuZjAI+mvuM
Score

1^/10
behavioral5 behavioral6
- Target
  
  L@unnchsr/PortAudio.dll
- Size
  
  119KB
- MD5
  
  f7bc2c88ec367ac54baf5281587c86ec
- SHA1
  
  c65f06a6f3a61d818324d9122fcda515fcf9c53b
- SHA256
  
  21ecd1888d0b92614c8611c0f560dd4176adbdf9894d819890e29f643548db4f
- SHA512
  
  460738e4a819040bbdeeb90f6f56516c7a1fe6aac0fe23b256c046761e63eda2786011c3a80502ecfe8ebc4c6d728e4e6b02d76b663e2bf20b045b94239e11e2
- SSDEEP
  
  3072:UwfppTGfoFXycV5ZeTpWMyjw+bvGHcxLG:U0FXFVOyjw+bv3G
Score

1^/10
behavioral7 behavioral8
- Target
  
  L@unnchsr/PortAudioSharp.dll
- Size
  
  44KB
- MD5
  
  c7f9235683622eb9d9c1df683095fd00
- SHA1
  
  8d45ab929065d3373e2ac85239292977424ece8b
- SHA256
  
  80fdff34287f2e73bec102fbc2c49e62d7489a135a69e4e9a25c879c0c2854f9
- SHA512
  
  9e041d23af8a3e7770e99d74c77effd97f899879467a4b4ed71030144b2e8ee0f8a6de79d1c98600afcfde338d27ddb8e0156e1010bdb861268c1cece1854bf2
- SSDEEP
  
  768:slO481vbvb/jcOG5Kdtuj+dDwkd4xHAbYEEiy:slOXjcOGQtuj+dDwkuxHAbYJiy
Score

1^/10
behavioral10 behavioral9
- Target
  
  L@unnchsr/Qt5GuiVBox.dll
- Size
  
  6.5MB
- MD5
  
  fdb292453760d9bc3cdd0b54013c6a99
- SHA1
  
  30d27da6ec867ed2b8a53384ac947b812d9d7cbd
- SHA256
  
  86f6a04fe611ca402d3c4841561f5b396ce61f0212bb6da58c7274532e2cfd14
- SHA512
  
  eca792cc814c0d072ecb866da4a5ac41629758c91faac4cf3f5947191899919c72a1462ce97bc49382afef44780302f7ac3fb2052cfe0cdc8d2a3f390a870c66
- SSDEEP
  
  49152:onEioloxnujFw81clK7uqtfMxzWHIbi/CCwjxpE4RFzwToN2BM7PV1HbSTiBAym2:OEiEZEqeHX/RFKociJYtl8vsOM04bm
Score

1^/10
behavioral11 behavioral12
- Target
  
  L@unnchsr/Qt5SqlVBox.dll
- Size
  
  218KB
- MD5
  
  bbc454dfbd919ce1524e75478582c04d
- SHA1
  
  4a331b6dc29c28a0d4fbef90225448b88fd2a6fd
- SHA256
  
  eaa9efde1704fa6abbef9878eecfa386e89003f23e07adcaf641a6c741893ba1
- SHA512
  
  0a41edb08378c6930bb6d6d6e951d550129dcb07886cfc636e28903c32b8dfe49124cffc852bc9f93058d3679c4f775d70e9f869760f82a5af54d9dcb303a013
- SSDEEP
  
  3072:gFgYgUFb6RWyLGttBrz7UVCoAsoRrXaZqb/Lh9VEyIXveGtGgCUF:CgzU5lyWcCoKr9/LhrEyIXveGtGcF
Score

1^/10
behavioral13 behavioral14
- Target
  
  L@unnchsr/SilenceTrimmerPlugIn.dll
- Size
  
  9KB
- MD5
  
  eb27bd56b3dbcdb9f238e7a46fb429e2
- SHA1
  
  26058672530a02e0dbdb5ed41e31d30474f2167e
- SHA256
  
  484370464e8e93c4e8806f1ec98d5b5428ce7f3edf53cb11de3acfcaf411bc01
- SHA512
  
  0c43af38e7d8c77dc025f572d6db887f1c26556bc2181343bf6f13afbed4d49af04ba8313cc06e8569f261bfe34ee136a3ae5b79724c7d10da73a4dd8c5407bb
- SSDEEP
  
  192:w3V2jYGTfiWPcj7xBuB1bkKWkj8APq6pun7V:w3WYerPq7afkKWs8Sun7V
Score

1^/10
behavioral15 behavioral16
- Target
  
  L@unnchsr/System.Runtime.WindowsRuntime.dll
- Size
  
  27KB
- MD5
  
  870baa43c2237c9104fa0c4bb72ad712
- SHA1
  
  5bfb6b352c33b3cf292100223e14af7b54b9cb83
- SHA256
  
  d402f33db69b806348097c9b3241c8c6567416be1cf2d991fa2a21360f3b7820
- SHA512
  
  28e6c70bec1bf3ad24af23ba0ca3b08c8a514ffd24fa270b0d594d1a529c535a3ed22542f15e13bfe2d868bff461504c921f528ab1ea67533fe46828f66ef99a
- SSDEEP
  
  384:5B9g5l+A3VVdCRdtOfd7TCUBQ4BX8JZa6Si5HsOgrE2WGCWs7h0GftpBjfL7jFtp:f9g5HVVX12fsOgrE+lidL70aGYJJ
Score

1^/10
behavioral17 behavioral18
- Target
  
  L@unnchsr/VBoxClient-x86.dll
- Size
  
  669KB
- MD5
  
  8499bcb782e639b57abb8b503d410eb8
- SHA1
  
  a4e3363a30c02fe999eedfed50a8dd200f4c46c9
- SHA256
  
  84b47308abc293515fa8b682d7ede3a53fed426a7073cfec466bcde681da715f
- SHA512
  
  344132b5148ce38174230efb51b0aaa85709bbe2f34c09ff47e9390324ee1139423717cc461e7f276db80fcb86a0509ca92cd84a18b7657d3da65c8fe427fc39
- SSDEEP
  
  12288:BfWBgRdNVSnkjiLSRHhWsfl4GhW0TAZoq:BfWBgRdNUnkHWsfl4Gg0ED
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  L@unnchsr/VBoxProxyStub-x86.dll
- Size
  
  666KB
- MD5
  
  6d3c7d2e108cbb7b5389f51ff68bcb9a
- SHA1
  
  e47006dbd81b0ad005dfe95339bb54ac59b20f47
- SHA256
  
  53ed3512437fbeb4277c24790ce67db048f81b60c3669765541495ef88056b88
- SHA512
  
  0b69c294c32beff25e91ccfc5fd3b26ff76e8a92b81b3f69fc0065ae6c8d8a676039303cc5195bff1d71735a1af97f920ed1a9911bcbcd27a7532f7539605fdf
- SSDEEP
  
  6144:HzhEDInt1CqI2HVP5CkxQ+1QYCQkdJvdkjiLSRen4QI2QjWsfl4GZrWJ6TPRcoLZ:H1EPCSnkjiLSRHhWsfl4GhW0T+eZ
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  L@unnchsr/VBoxRT-x86.dll
- Size
  
  5.6MB
- MD5
  
  88c1cb4e7078fe246f08c0d00c265346
- SHA1
  
  9829e6632712ecc8095f4f182d07ee98972b7218
- SHA256
  
  a3a43521433ad0fe1dcec57c7e72c449626def4f71ad949f83b91e051456f83c
- SHA512
  
  f093c04f82f91d4bcabaa2c2fc4034f8af0406583fc9319b41b17c5cfc5ba8b4ff7dfddc7d7b841d0acc0ce5c473cbda6421b84778d0b263b55e49dcd15dad93
- SSDEEP
  
  98304:JswvVBnzhc41Il1cjNELdcuReBWP4M8uMkXnvJV5HtJdW:JxZOcjNELdcuQBdMvDnRV5NJ0
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  L@unnchsr/VBoxRT.dll
- Size
  
  6.9MB
- MD5
  
  9c96fc3d4616816a7655fdba0d3d5722
- SHA1
  
  d26575af4ef0ee2034efd49b1b44c55ebc02f34e
- SHA256
  
  ff6299343ba95ba302e15ae06c756f2b1aee26980e8d781f1c1766f2cb432d28
- SHA512
  
  15135ce9e6f63acb724fb87e6762f38ed5ab18ba14d6bff7f910283ce48d78a16fabc080b999338ac1ca7a504c7f69d2bd1853a1de4a5c87cfde6bc67f5d6672
- SSDEEP
  
  98304:Ol++bCDgegT6SG38sjwyKyg+NjA4+6Wn5J7liYcp4oFC:sRbCDgew6SG3ljwQFJA4+JnT7lGD4
Score

1^/10
behavioral25 behavioral26
- Target
  
  L@unnchsr/VBoxSharedClipboard.dll
- Size
  
  68KB
- MD5
  
  a802413b13e45c7d526705cbd3974ae5
- SHA1
  
  2a9a4ac71150af10718184fa283f7b8639685d57
- SHA256
  
  9fdc76da45016187d325b992b83980227112ba14ed1cb3a2dea8929046163a13
- SHA512
  
  41d6c870f387c84470e377e71eab9bbcdeab5f145bdf79c4ece5c4825d7e9e74c88f6a81d53c87d83dd508a51203ddb8e95b2e425529ca67023c52da1bdb3694
- SSDEEP
  
  1536:B+yAXGB5LXoJG+pT42hujrgmCETk+n7M5x0:B1AWBxYl2tTk+nZ
Score

1^/10
behavioral27 behavioral28
- Target
  
  L@unnchsr/VBoxSharedFolders.dll
- Size
  
  78KB
- MD5
  
  93f9f9335e95aebd2c914971c9f6bc58
- SHA1
  
  88f31cd750004a830285fc25f4264e94c5a8496a
- SHA256
  
  45b9bd24a786f5f9eaf3782f1c1d659fccee5e9b6ac941c756c43f09f0d10819
- SHA512
  
  117b8a16b0d0ab2b70aeab2c2375d0ce9cbc0d96f812e90dd1fb330af4ee18eedec82007133f5a35b2055580cc2b780c547e57a96fa69993cce7ff0ea111cb3a
- SSDEEP
  
  1536:lBIMzx4IWhzEqAh+e/Zt+LJgKr6TuZ7CO7EO0ydGjIxU:UMaJzEqA7Z2gKr6TuZ7d7EO0J7
Score

1^/10
behavioral29 behavioral30
- Target
  
  L@unnchsr/VBoxSupLib.dll
- Size
  
  22KB
- MD5
  
  9636cd28f536dd3fb438c866f28610a9
- SHA1
  
  af0a1e853cf9abfad78e57063258af7922726140
- SHA256
  
  34e8bd19a7dd241a1275a3cf77a8a59a7df1fc529f864f92d8548cc7e0429b26
- SHA512
  
  9ed50bec2dafa8d759615b9cb79d1862a7bf7f947e8123d56c9d09e899b59127d892dab66b23d8706db3ac1472c4b06c85d2357ef996b65c54c4fd4a1fdd3c90
- SSDEEP
  
  384:4XDxDEu03c+UHeMsxZB+FGs1DGiyZegiCAM+o/8E9VF0NywQB:k55F/1DGFnAMxkEN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32