General

  • Target

    Side_Load_Lumma.7z

  • Size

    12.1MB

  • Sample

    241119-kqlncstdkj

  • MD5

    bf88be0f880989456aa4d1d1e3cc74ed

  • SHA1

    7342fc8b56dc60ad88109353b75868c46dde9f15

  • SHA256

    3f4b288335a86c908e015d254715d6fb9838f729e13aa3c06e53792ddaf59cad

  • SHA512

    2d4952922c5dde411f5a34bafc979447690fe06a737117f8f3f089b922c59d630c2fce37693eee0eeb7dd56f0ee76b00ad119ee789165604acc007e51e623985

  • SSDEEP

    393216:dPg4QrTMB4FjG4iWLDZk6QndfROtyDrJWnmrDU:dYra4FX5ZSd5YCrJWnmrDU

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://processhol.sbs/api

https://p10tgrace.sbs/api

https://peepburry828.sbs/api

https://p3ar11fter.sbs/api

https://3xp3cts1aim.sbs/api

Targets

    • Target

      Sample/IasMigPlugin.dll

    • Size

      554KB

    • MD5

      5acd15b7e4274deeb512fd1abb9b5de9

    • SHA1

      f679ef6c1f723030f7502df17f8644d36bcc1b6a

    • SHA256

      f4120c3f5d73b369f949b8585816e9e61ded4449dcdc5dd64a832a73768a99cb

    • SHA512

      ae8fd346b3fcb1cf00b1ea9d6d6acd087698d6e68274c1592884a25f4cb46d409071bdaa4ec9344097873ca39d0bb4fa3ad8201a4084cb224d42bb4af1fe35fd

    • SSDEEP

      12288:up8P7QMQdTjNvktClLF+Vt1ZiCQ9oqKTJW8L4Tv:up8P7QDdTjNctClLF+VN7+Kh4Tv

    Score
    3/10

    • Target

      Sample/Qt5Core.dll

    • Size

      5.8MB

    • MD5

      a69021f31874d4aefec8c3a2bedd4437

    • SHA1

      aff85d5df7a4e69303f579b9a5a2ae82e14f3af6

    • SHA256

      dc68a1446e829afa5c7e33f4dd2233e096a492bdf3a82eb0eeacfafb69bdecbf

    • SHA512

      63fff0338d325f63431004f0fdf9e21a570536c1ac95ccd3f8a33c065d29d35d524ef6e2e5878d3986109e681480c03c2311b2447611003850d381bae4707667

    • SSDEEP

      98304:NTjAe4iOtBelKxJsv6tWKFdu9C0eo74Qerqf1t:NTjAetoBZJsv6tWKFdu9C017derqf1t

    Score
    1/10

    • Target

      Sample/Qt5Gui.dll

    • Size

      6.2MB

    • MD5

      34893cb3d9a2250f0edecd68aedb72c7

    • SHA1

      37161412df2c1313a54749fe6f33e4dbf41d128a

    • SHA256

      ca8334b2e63bc01f0749afeb9e87943c29882131efe58608ea25732961b2df34

    • SHA512

      484e32832d69ec1799bd1bcc694418801c443c732ed59ecd76b3f67abf0b1c97d64ae123728dfa99013df846ba45be310502ef6f8da42155da2e89f2a1e8cb2c

    • SSDEEP

      49152:Olbw69/oyRlQ3bseHmQL7cE6Vvz4IBeEsBvf6MGde7l8UkqolD/SrneTbfrh4y+8:Olbw6a6GpcZsBv6szezn9IPRs9

    Score
    1/10

    • Target

      Sample/Qt5Network.dll

    • Size

      1.2MB

    • MD5

      1dcc222983d2d327a098d9e1e8c8808b

    • SHA1

      45331c5a460de301add85b0b48c654b3b3041cb2

    • SHA256

      5f13704a36b5957d238e1ef6e8b88e520c97d287a6b364181d9670f2eace0b14

    • SHA512

      3db7671b7886116d92d632fbeef4442d391d85233e28232a8d7dad7c8883ea55d463d30674ed00f556fdb9840eba0545b2a65033dc86bd6dcf0ef8dacffcd2db

    • SSDEEP

      24576:KQQym4jK56LNWz/m7iNBd3ol8diKiEan3:KqmrCNxiNBulAiKiEa3

    Score
    1/10

    • Target

      Sample/Qt5PrintSupport.dll

    • Size

      316KB

    • MD5

      d0634933db2745397a603d5976bee8e7

    • SHA1

      ddec98433bcfec1d9e38557d803bc73e1ff883b6

    • SHA256

      7d91d3d341dbba568e2d19382e9d58a42a0d78064c3ad7adfe3c7bb14742c2b1

    • SHA512

      9271370cd22115f68bd62572640525e086a05d75f5bc768f06e20b90b48a182f29a658a07099c7bc1e99bf0ffcf1229709524e2af6745d6fed7b41c1addd09f1

    • SSDEEP

      6144:n5BVjwbCL85ofdeA2aqWs+41FwneMKAaol1cafGR27M1ffqp+1eszZnDy4SA:nBjwE8aVK

    Score
    1/10

    • Target

      Sample/Qt5Widgets.dll

    • Size

      5.3MB

    • MD5

      c502bb8a4a7dc3724ab09292cd3c70d6

    • SHA1

      ff44fddeec2d335ec0eaa861714b561f899675fd

    • SHA256

      4266918226c680789d49cf2407a7fec012b0ed872adafb84c7719e645f9b2e6d

    • SHA512

      73bef89503ce032fba278876b7dab9eac275632df7a72c77093d433c932272da997e8fbeb431a09d84baac7b2ab2e55222ff687893311949a5603e738bfa6617

    • SSDEEP

      98304:oSIq7lPpagrGUtPm3qBF+1jIJJAi+eVq8:oSI8hagrGUtPm3KMRIL+e/

    Score
    1/10

    • Target

      Sample/Setup.exe

    • Size

      1.2MB

    • MD5

      b84dfabe933d1160f624693d94779ce5

    • SHA1

      ac0133c09708fe4a3c626e3ba4cdf44d3a0e065f

    • SHA256

      588cb61b36a001384a2833bd5df8d7982ca79d6ae17a3d83a94e01b1e79684bd

    • SHA512

      eeaeef8d6b5fa02dedf9818babaa4b5ffdb87300521883aa290289dcc720b3d543279085ed3fc649b74654143e678502e56eb3f92c4baf53c075977de33c1b0e

    • SSDEEP

      12288:RWiPQmboElHjsxc93LwnfXlP0CT7T4ir7XFXTqlj02F:5Qrat3knTvT4yDpqlj/F

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Blocklisted process makes network request

    • Suspicious use of SetThreadContext

    • Target

      Sample/StarBurn.dll

    • Size

      1.4MB

    • MD5

      41e19ba2364f2c834b2487e1d02bb99a

    • SHA1

      6c61d603dddfe384a93ad33775b70681d0a396d9

    • SHA256

      c040a25377028b0c28db81a012de786c803a0e9d6f87ce460335a621d31f5340

    • SHA512

      6ebf4a9e80f16c6a03ff357d2da9a34a4227bfd65eb66d1d335349a77ba066d069ba0d47d46229b3c77b59052c42d388678662f970b418d8cc3cfb1223427d8c

    • SSDEEP

      24576:NbKpao+9Uybarjs1FHw9guJfkTK39MOCRZnVVWjk+amEObzznf9:NbKpaGEw9diEjkuEObzznf9

    Score
    1/10

    • Target

      Sample/config.prx

    • Size

      364KB

    • MD5

      14934caca84d5fe0288f27efb31dcbf8

    • SHA1

      98c8c659488a5782679112e0ffb089422a664ac5

    • SHA256

      7fa86147035627bae39576bcbe619d045e94a48c4db8ca131968c20bb4de4a36

    • SHA512

      9a239132a46fe578fa04ff727d8c28f9e1d179e7154619670a22a403819f337af0a96ebd7081d04d53910a12bbdc548b3cd2b2a285931c92f1c149ad5d846a6a

    • SSDEEP

      3072:rbT9vTZFNSlIbVf7o3Cyi7igb/Js0S6uZZspiDbZHNjWOnNxFiKey1ISQlXflY:fRvNvvbhOq7F3S/qpiDlNCONvmXdY

    Score
    3/10

    • Target

      Sample/msvcp140.dll

    • Size

      557KB

    • MD5

      7db24201efea565d930b7ec3306f4308

    • SHA1

      880c8034b1655597d0eebe056719a6f79b60e03c

    • SHA256

      72fe4598f0b75d31ce2dc621e8ef161338c6450bb017cd06895745690603729e

    • SHA512

      bac5729a3eb53e9bc7b680671d028cabef5ea102dfaa48a7c453b67f8ecb358db9f8fb16b3b1d9ea5a2dff34f459f6ac87f3a563c736d81d31048766198ff11e

    • SSDEEP

      12288:Rsjw3shF+jss1I8CgEWTe5+YMCMGz2MMY5U489wiyaf+QEKZm+jWodEEVksLd:Rs/5U4RBaf+QEKZm+jWodEECsL

    Score
    1/10

    • Target

      Sample/opengl64.dll

    • Size

      17.7MB

    • MD5

      0a84667145e7efef026c888d4b768126

    • SHA1

      27673e1bd7c55bba6eaa37620d3b3820ce45d46a

    • SHA256

      dd575f3c64382193610815909bd2c52490244ecbbb9bba6eef5fe4f0bb43bb4d

    • SHA512

      3e964c996ed358787c4dfdb965a00b38b4118c804ae1bf8d32aeb7d936584e72c188e3fa0d27d1c2ffd3be13dca8045b08b28b15070812c195d82d1bf23a2604

    • SSDEEP

      393216:PXhbUNnoBP98OQ//aXUszfTBHCOUZ2UenCDkOH2:PXhNB4nlW

    Score
    1/10

    • Target

      Sample/vcruntime140.dll

    • Size

      96KB

    • MD5

      f12681a472b9dd04a812e16096514974

    • SHA1

      6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    • SHA256

      d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    • SHA512

      7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    • SSDEEP

      1536:BxhUQePlHhR46rXHHGI+mAAD4AeDuXMycecb8i10DWZz:Bvk4wHH+mZD4ADAecb8G1

    Score
    1/10

    • Target

      Sample/vcruntime140_1.dll

    • Size

      37KB

    • MD5

      75e78e4bf561031d39f86143753400ff

    • SHA1

      324c2a99e39f8992459495182677e91656a05206

    • SHA256

      1758085a61527b427c4380f0c976d29a8bee889f2ac480c356a3f166433bf70e

    • SHA512

      ce4daf46bce44a89d21308c63e2de8b757a23be2630360209c4a25eb13f1f66a04fbb0a124761a33bbf34496f2f2a02b8df159b4b62f1b6241e1dbfb0e5d9756

    • SSDEEP

      768:Xhh4pTUUtmUwqiu8oSRjez6SD7GkxZYj/9zLUr:xJ9x70GkxuZz2

    Score
    1/10
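Added example (not part of the sandbox report or its tooling): a small triage script that turns the extracted C2 list and the SHA256 values above into two offline checks. The first tokenises arbitrary proxy/DNS log lines and flags any that touch one of the five C2 hosts or a subdomain of one; the second matches a host file inventory against the hashes of the three archive members the sandbox scored above 1/10, so a renamed Setup.exe is still recognised. The log lines and the inventory are constructed for the example; `inventory_from_dir` is a hypothetical helper for hashing a quarantined directory.

```python
"""Triage helpers built from the indicators in the Lumma report above.

Added example, not sandbox output. Two offline checks: C2 hosts against
text log lines, and bundle SHA256 values against a host file inventory.
"""
import hashlib
import re
from pathlib import Path
from urllib.parse import urlparse

# C2 URLs exactly as extracted from the sample (Malware Config section above).
LUMMA_C2_URLS = [
    "https://processhol.sbs/api",
    "https://p10tgrace.sbs/api",
    "https://peepburry828.sbs/api",
    "https://p3ar11fter.sbs/api",
    "https://3xp3cts1aim.sbs/api",
]
C2_HOSTS = frozenset(urlparse(u).hostname for u in LUMMA_C2_URLS)

# SHA256 of the archive members scored above 1/10 (Targets section above).
# Setup.exe carried the Lumma detection; the other two are kept so an
# inventory hit shows whether the bundle was dropped together.
BUNDLE_SHA256 = {
    "Setup.exe": "588cb61b36a001384a2833bd5df8d7982ca79d6ae17a3d83a94e01b1e79684bd",
    "IasMigPlugin.dll": "f4120c3f5d73b369f949b8585816e9e61ded4449dcdc5dd64a832a73768a99cb",
    "config.prx": "7fa86147035627bae39576bcbe619d045e94a48c4db8ca131968c20bb4de4a36",
}
HASH_TO_NAME = {h: n for n, h in BUNDLE_SHA256.items()}

# Any run of characters that could form a hostname: letters, digits, dots, hyphens.
_TOKEN = re.compile(r"[A-Za-z0-9.-]+")


def _c2_host_for(token):
    """Return the C2 host a token matches (exact or as a subdomain), else None."""
    t = token.lower().rstrip(".")
    for h in C2_HOSTS:
        if t == h or t.endswith("." + h):
            return h
    return None


def c2_hits(log_lines):
    """Return [(line_number, c2_host)] for every line that touches a C2 host.

    Tokenises each line instead of assuming a field layout, so proxy CONNECT
    lines, DNS query logs and Zeek http.log rows all work unchanged.
    """
    hits = []
    for n, line in enumerate(log_lines, start=1):
        for tok in _TOKEN.findall(line):
            host = _c2_host_for(tok)
            if host:
                hits.append((n, host))
                break  # one hit per line is enough for triage
    return hits


def sha256_of(path):
    """Streamed SHA256 so large members (opengl64.dll is 17.7MB) hash cheaply."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def inventory_hits(inventory):
    """inventory: {path: sha256hex}. Returns {path: report_name} for each file
    whose hash matches a bundle member, whatever it was renamed to on disk."""
    return {p: HASH_TO_NAME[h.lower()] for p, h in inventory.items()
            if h.lower() in HASH_TO_NAME}


def inventory_from_dir(root):
    """Hypothetical helper: hash every regular file under root."""
    return {str(p): sha256_of(p) for p in Path(root).rglob("*") if p.is_file()}


# Constructed sample log lines (not from the report): a proxy CONNECT, a benign
# GET, a DNS query log entry, and a near-miss hostname that must not match.
SAMPLE_LOG = [
    "2024-11-19T10:41:07Z 10.0.0.5 CONNECT processhol.sbs:443 - 200",
    "2024-11-19T10:41:09Z 10.0.0.5 GET https://update.microsoft.com/ 200",
    "19-Nov-2024 10:41:12 client 10.0.0.5#51234: query: 3xp3cts1aim.sbs IN A",
    "2024-11-19T10:41:15Z 10.0.0.7 GET https://notprocesshol.sbs/api 200",
]

if __name__ == "__main__":
    for n, host in c2_hits(SAMPLE_LOG):
        print(f"line {n}: C2 host {host}")
    inv = {"C:/Users/x/AppData/Local/Temp/Setup.exe": BUNDLE_SHA256["Setup.exe"]}
    print(inventory_hits(inv))
```

The suffix match on C2 hosts is deliberate: the extracted URLs name bare `.sbs` domains, and blocking or alerting only on the exact string would miss a subdomain the operator rotates to. The near-miss line (`notprocesshol.sbs`) checks that the suffix test does not degrade into a substring test.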

MITRE ATT&CK Enterprise v15
