lumma | 7c270da2506ba3354531e0934096315422ee719ad9ea16cb1ee86a7004a9ce27

Resubmissions

17-10-2024 00:08

241017-ae5a8avalj 10

17-10-2024 00:04

16-10-2024 23:52

16-10-2024 23:50

16-10-2024 22:52

Sharing

Copy URL

Twitter E-mail

General

Target

XWorm-5.6-main.zip
Size

25.1MB
Sample

241017-ac1v1s1bph
MD5

95c1c4a3673071e05814af8b2a138be4
SHA1

4c08b79195e0ff13b63cfb0e815a09dc426ac340
SHA256

7c270da2506ba3354531e0934096315422ee719ad9ea16cb1ee86a7004a9ce27
SHA512

339a47ecfc6d403beb55d51128164a520c4bea63733be3cfd47aec47953fbf2792aa4e150f4122994a7620122b0e0fc20c1eeb2f9697cf5578df08426820fecd
SSDEEP

786432:Ty5jMDNnx2+4NYobtH8VVtKqi9+i514XZ/pjYlp0:MMDNnxV4iobxibiIi5MpjYv0

Score

10^/10

Malware Config

Extracted

Family

lumma

https://pillowbrocccolipe.shop/api

https://communicationgenerwo.shop/api

https://diskretainvigorousiw.shop/api

https://affordcharmcropwo.shop/api

https://dismissalcylinderhostw.shop/api

https://enthusiasimtitleow.shop/api

https://worryfillvolcawoi.shop/api

https://cleartotalfisherwo.shop/api

Targets

- Target
  
  XWorm-5.6-main/Fixer.bat
- Size
  
  122B
- MD5
  
  2dabc46ce85aaff29f22cd74ec074f86
- SHA1
  
  208ae3e48d67b94cc8be7bbfd9341d373fa8a730
- SHA256
  
  a11703fd47d16020fa099a95bb4e46247d32cf8821dc1826e77a971cdd3c4c55
- SHA512
  
  6a50b525bc5d8eb008b1b0d704f9942f72f1413e65751e3de83d2e16ef3cf02ef171b9da3fff0d2d92a81daac7f61b379fcf7a393f46e914435f6261965a53b3
Score

1^/10
behavioral1 behavioral2
- Target
  
  XWorm-5.6-main/Plugins/UACBypass.dll
- Size
  
  10KB
- MD5
  
  158e789d0b6cbc52fcb6653fefca38f9
- SHA1
  
  4e913315dc3d69abe2be5e5b3a5d37b5f49f7deb
- SHA256
  
  ebd51f1e33673cb8e55f10aa890a04027d62b1c1c0b0ae9b1d6f83f1602f53a2
- SHA512
  
  23243daadbad2f68b6ed6720d5792226f9c2aeb0b14cf3bf24ac54dcb7a2aa4aff9d26a5633d3add0d871e4ec65c230752c7c173cc4a4374f9263e2c46f9977a
- SSDEEP
  
  192:kcq0WYKDFxDviOGOko8bZfmgyOYkIW1UZ/Xvjljw2ugiSL20V:kntNFxOrE8bLyOYBZ/XTugU0V
Score

1^/10
behavioral3 behavioral4
- Target
  
  XWorm-5.6-main/RES/XWorm.Resources.resources
- Size
  
  1.6MB
- MD5
  
  34986e38b463873af40f694874c1f6d3
- SHA1
  
  8fa89cdb7a394cf8093d548ca9db4652c703ee72
- SHA256
  
  557058bd29a5eb55ef073ea9c4dec0baea1fd3f3f4bf2cdd5ee3dfd33735e93a
- SHA512
  
  c1b0278e8c21e5c28204f692a5cf5ed16c8ada0c6022d7d38e70905255f3aeb5d2c0fd4549f0ed19ead52aa0ced891a8f9372123bf5e1710be004958750874e4
- SSDEEP
  
  49152:OsP2WTJcLsk9Pk6gAK6BN2NQUe+ErnuVqjNhHXH:zuWTGLP9Pk6gAK6n4ldyNh3
Score

1^/10
behavioral5 behavioral6
- Target
  
  XWorm-5.6-main/Xworm V5.6.exe
- Size
  
  14.9MB
- MD5
  
  56ccb739926a725e78a7acf9af52c4bb
- SHA1
  
  5b01b90137871c3c8f0d04f510c4d56b23932cbc
- SHA256
  
  90f58865f265722ab007abb25074b3fc4916e927402552c6be17ef9afac96405
- SHA512
  
  2fee662bc4a1a36ce7328b23f991fa4a383b628839e403d6eb6a9533084b17699a6c939509867a86e803aafef2f9def98fa9305b576dad754aa7f599920c19a1
- SSDEEP
  
  196608:P4/BAe1d4ihvy85JhhYc3BSL1kehn4inje:PuyIhhkRka4i
Score

1^/10
behavioral7 behavioral8
- Target
  
  XWorm-5.6-main/XwormLoader.exe
- Size
  
  490KB
- MD5
  
  9c9245810bad661af3d6efec543d34fd
- SHA1
  
  93e4f301156d120a87fe2c4be3aaa28b9dfd1a8d
- SHA256
  
  f5f14b9073f86da926a8ed319b3289b893442414d1511e45177f6915fb4e5478
- SHA512
  
  90d9593595511e722b733a13c53d2e69a1adc9c79b3349350deead2c1cdfed615921fb503597950070e9055f6df74bb64ccd94a60d7716822aa632699c70b767
- SSDEEP
  
  6144:3PkcFUUUQHs5TlOhDuy4VjmSO6/tU4j06xeJyCjvhsXZ4m05d0qCsfBLuWWCV/rr:3McWUUysz/NhKjJPhM4/5bV/rvgE3
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10