General

  • Target

    σUŞe_~~19111547~~__Asπσ_Pswd_σ.rar

  • Size

    15.2MB

  • Sample

    241119-t3w5asygmk

  • MD5

    362f49e97ced3a22a2feafc50cfa901b

  • SHA1

    ca6be4087d6c619f561eaf2332b304bc3d6a9520

  • SHA256

    9cc639b89556218cf878a591e4119f7d54de66381c5425df49b756862e17e6bb

  • SHA512

    868f62860e7a04589ef9bb34be73a6376d6fd63f01aa02b5c0db92daee0546dce9df6b48eb80fae452f2d06834c531bc6312cf46ce57f79b95b4fd2f549853f0

  • SSDEEP

    393216:C7WYlpUbi4e/avO/0Qx8uWs1OZzdEf8WjRrixQhP097hi:MdV/aE0uWlzdCN1P0phi

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://morningjoy.shop/api

https://processhol.sbs/api

https://p10tgrace.sbs/api

https://peepburry828.sbs/api

https://3xp3cts1aim.sbs/api

https://p3ar11fter.sbs/api

Targets

    • Target

      σUŞe_~~19111547~~__Asπσ_Pswd_σ.rar

    • Size

      15.2MB

    • MD5

      362f49e97ced3a22a2feafc50cfa901b

    • SHA1

      ca6be4087d6c619f561eaf2332b304bc3d6a9520

    • SHA256

      9cc639b89556218cf878a591e4119f7d54de66381c5425df49b756862e17e6bb

    • SHA512

      868f62860e7a04589ef9bb34be73a6376d6fd63f01aa02b5c0db92daee0546dce9df6b48eb80fae452f2d06834c531bc6312cf46ce57f79b95b4fd2f549853f0

    • SSDEEP

      393216:C7WYlpUbi4e/avO/0Qx8uWs1OZzdEf8WjRrixQhP097hi:MdV/aE0uWlzdCN1P0phi

    Score
    1/10
    • Target

      σUŞe_~~19111547~~__Asπσ_Pswd_σ.zip

    • Size

      15.2MB

    • MD5

      725813ffbad99757742c0e0758e5a645

    • SHA1

      314f87de8331e988f2430be0b2937e90d821c212

    • SHA256

      a6d5559e3539bef714539378b7ef72a6231615c3b008009f896ad9c0f6131374

    • SHA512

      66802cbb850398980d35d4162dc7abf4cc3e463d28b462bc9224e553a2ce65217a5dfb8329b7f761d635f264a139784121b3afe8939020ff914d5ce2f4138929

    • SSDEEP

      393216:0r8ndxvQnt2SdSXQVmSlOiOY5uv3t0ryaTRLcn4h30dF/q:q8QdSqoiOH3t+Z730r/q

    Score
    1/10
    • Target

      Register.dll

    • Size

      1.0MB

    • MD5

      40b9628354ef4e6ef3c87934575545f4

    • SHA1

      8fb5da182dea64c842953bf72fc573a74adaa155

    • SHA256

      372b14fce2eb35b264f6d4aeef7987da56d951d3a09ef866cf55ed72763caa12

    • SHA512

      02b0ea82efbfbe2e7308f86bfbec7a5109f3fe91d42731812d2e46aebedce50aabc565d2da9d3fbcd0f46febbff49c534419d1a91e0c14d5a80f06b74888c641

    • SSDEEP

      24576:k0Rdvjw14ZCWQuTs54Qbz27j7BS2Nv+4BT8+u60:BDZ2zAj7pXT3i

    Score
    3/10
    • Target

      Resource/CMap/Identity-H

    • Size

      8KB

    • MD5

      40f5dc1383e3e8f870ed8f763ed51878

    • SHA1

      474a429de3b9feba36cfa4ce4edcd4fae3cddc5b

    • SHA256

      aae946bc17203b5df12838d07ae5cafc9e85a1d42d1b94d8475ab2d42b77a5cb

    • SHA512

      69b6d3af2ccaae9437fe4e0206c44d29ec7a51f39334826737907e1126505071ba888f4134de55a07cf14256b47daf6d29cc73bab60f3c6cd7d8bb30e24778fb

    • SSDEEP

      192:QJeSrsQrsil/3gU+uSpo4cvkikNwA+KZwOyKXuU8fy:QJhrsQrsWPsu+oVkEKZnNz8fy

    Score
    1/10
    • Target

      Resource/CMap/Identity-V

    • Size

      2KB

    • MD5

      b5084cbf0ab0c3deac97e06cd3cb2ecc

    • SHA1

      c32458cda1951cecffb69aa2f7e3a1ea8bf36251

    • SHA256

      7483db44e4449a7ae232b30d6cba0d8746592757d0e91be82ec45b646c608807

    • SHA512

      b15f65a2ab21121a4b815932a7e2dcafcf27f458bce532ae46bbcbd6b1134153027bf3e138fab42457a89bc892256b4796bbb9f1e3a85f9f4c5202015b56e3a5

    Score
    1/10
    • Target

      Resource/CMap/UCS2-GBK-EUC

    • Size

      238KB

    • MD5

      fb9d6cd4449ec7478ee8ad1bd7465bf5

    • SHA1

      3d42495890e0f2acc6b564eaa79fe020fdd2fc79

    • SHA256

      66cdcaed3aa94525c59a82a39a93b96885883bffadea1e572464d559d21443a6

    • SHA512

      259467113cda70ba8d399e233bef8a718f76bc6b977ac54c216bd53796a8003e7a7276031388e282f1f4430fc2fcd269b06341f2082a9442a65bbccdeb767eb1

    • SSDEEP

      6144:JAYrjXraHOiu06s7SSC2RGaC4J7G27r7Sbtg2j35GEE9:JAYrj7aHOip6rShXC4J7G27r7Sbtg2j0

    Score
    1/10
    • Target

      Resource/CMap/UniKS-UTF16-H

    • Size

      128KB

    • MD5

      f65c06189a55139e13885d9716bfe35c

    • SHA1

      394285fed905d0f4c2c21230da50626b0a31a037

    • SHA256

      ab87d320c81e4c761b7a4cbd342e212db4ebe169b5d10848f2f57d828874e342

    • SHA512

      caf07d2623861f60d79acfb313978b89f9cd8feea0bed0fe28d25286d197b62b9ef9a41130586d731dc43aeae817eaaa87c9cac31d9bd1fdb82591146e0fa2cb

    • SSDEEP

      3072:EbOks6xITS4gmLJpAEhFDDvBB4TS+JjXsc:jjTvIN3

    Score
    1/10
    • Target

      Resource/CMap/UniKS-UTF16-V

    • Size

      3KB

    • MD5

      aba47550affb435a1dcc6b70efab5b52

    • SHA1

      754168e2c3b58fcfcb57b3ecf5ca5eebddfa1f47

    • SHA256

      7e403dae40df21fe3f9b221f7ce750f7f5bff9cc73d82d011c4bcc48a0db60ed

    • SHA512

      d46537b67ef7137fc0b715e43f23322dd1189db352235a4a5ad89cb6af3d3fecaa51c1c93dcea2a7e8fb8d25b18c3b0f2ab2f23df7a5a76126a47389ffac00b2

    Score
    1/10
    • Target

      Resource/Font/AdobePIStd.otf

    • Size

      83KB

    • MD5

      8653bfe4c32a8528e981748e28c59570

    • SHA1

      dec8dd8cba986f5852286c8b8e45c6270aeab65a

    • SHA256

      5dbc496c0b5a12d9f9ffdb83a46b9fcda8d1fc1fcd50832c783be5e9277a698e

    • SHA512

      66e39798ca8bba9af51f44e81b77ac1703f488b6361bfb05de632fbb2726e5f1291f0210be0fc933459bea78fa433177b33e34be977c079c97c5330d6590e7fb

    • SSDEEP

      1536:PmsMC/asb+Q+fGZNbDvdtlT9Mnlx643McbQqc80U0zy26RR38e8kscXqHZ3MD4ea:BMjlINbrdFMnP6hcbQq8Bn6IPksF8E

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Resource/Font/CourierStd-Bold.otf

    • Size

      29KB

    • MD5

      404952ec4d0ae00dd2f58fb980a99326

    • SHA1

      2dfa0796be958109d1558b771c3c8c77049a3945

    • SHA256

      a3c25f2ec60f8d44f150cd4e478067b06cc7267fbaaf844da600ce1c31c6e5c1

    • SHA512

      e9f60c1536663b11a8d262a49bd92b80bc619e26408464350a122b4cfa149900da754c78ea7e84a314f4c914497005409cc83dc8b5f55d725bba1bd5acb2ce89

    • SSDEEP

      768:UYJufmmvVJkJ7pFIJRUQXzUKOXBdbOIYvQXGPgfJVXhU:UYJu+mvPg9eYCzUKOXBdqIWQX4gfVU

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Resource/Font/CourierStd-BoldOblique.otf

    • Size

      31KB

    • MD5

      6804e7413898972e05823add91b1dfc5

    • SHA1

      4dfc3cecd9d3c26afaca087a69376eb6abfedeaf

    • SHA256

      698fd9169ad62bd6faedd1c8e8637abc9cc65b3b1a5ba8698242b1447303fbee

    • SHA512

      f89a494aa7dae22022cb4bddf911c9fb8f40220c5d49bba79e5b7f97191fcc2740088437d3e56e6903e0b10aaf5535b4ce08dbe793a0e800d23038196ebf5fc6

    • SSDEEP

      768:edluzc2NPniJMT9BvYsWShVcbZks6AnkXhUZxX:edluz3piJMpusWShVcbZkfAnk2Z1

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Resource/Font/CourierStd-Oblique.otf

    • Size

      31KB

    • MD5

      71ec484296a30c9379607e36158ca809

    • SHA1

      6dba5afa525bfb38b653e30492d59d839dc7a0c9

    • SHA256

      c54815a2729d633e400a6835679613090c20b91da6cb40fa761aaa475efb77f5

    • SHA512

      0a53ed3ebd858d093cdfc2b2acc104453c6e211416ae24a93c2a77feb3c7a5af8e2a27ca367194f8a6d7294cf36bec84a3b0c6af1ccb8047d9b0c72622a9c8df

    • SSDEEP

      768:jhDq/ufETG+B8jqsYTvBTOYDjcXfwMXY6TnP1xaH9UzGb4dmA:jk/uf3YTpIPzo6TtxY9UzGb6

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Resource/Font/CourierStd.otf

    • Size

      30KB

    • MD5

      f4c2d3851e2781b2b3ff60a2e34e81ac

    • SHA1

      779f9fee6d37c37a03601ec1ab406d055e8e7692

    • SHA256

      54cb5c8e9775cb432afe32b0af688536354ad04ef9c9f1450ee7c88a73bc884d

    • SHA512

      218cf55522d6edd88ad92acaa6d440f0f7ff2a0688948a834ef21eff7ca6a915622723720dae234e412e788ee7b722261b1a238a12d05c7f63f24d854fdad43d

    • SSDEEP

      768:px0Kx7uekYqrdC/MNVO6MFsSStwPHMjz9Qc3:j3RuexqrdGYmJStYHmz913

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Resource/Font/MinionPro-Bold.otf

    • Size

      205KB

    • MD5

      b3870be83f40b14cb382bd498920a137

    • SHA1

      08b27bce2db468785348f42e39b2e80d9107fb1a

    • SHA256

      6af523a01b268ddaab5177e6c0df5024f7192d72b0b1ca9523721fbaa2aa9257

    • SHA512

      0979d123ba7d84b564aa0f018ae49ed7a2c4610882e574547abade7abd2e743630ccc82dfe95c3fbe963731e33df5d34c2e307fd28a2e7670e2aacbe3b87f70e

    • SSDEEP

      6144:3z2HDNf6XZFWrRBPt2a+C5vDgtTBbhRRkBPgdG:3zaNWZFyBPONbhXkBPOG

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Set-up.exe

    • Size

      135KB

    • MD5

      a2d70fbab5181a509369d96b682fc641

    • SHA1

      22afcdc180400c4d2b9e5a6db2b8a26bff54dd38

    • SHA256

      8aed681ad8d660257c10d2f0e85ae673184055a341901643f27afc38e5ef8473

    • SHA512

      219c6e7e88004fad9f4392be9a852c58fc43b7f6900e40370991427f37eaea5c18f48d2954f9479dde8bcb787345f4e292d5620add8224aec4d93d7968820b83

    • SSDEEP

      1536:URLRDTAC1CMoR1CqabJWt7AQFYMGhw1ScCD28v2Vv428fmvxOuw03h9VC:URdV1CMoiqadTQFBGhw1ED28+94hGw

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Blocklisted process makes network request

    • Suspicious use of SetThreadContext

    • Target

      ccme_ecc.dll

    • Size

      548KB

    • MD5

      19f2641706952f221d5f1066d064db4d

    • SHA1

      84bf37c1bd5cb3f35cd2aa934cd9c17cb2690282

    • SHA256

      cd87094bdb78dbff8a593bef3952495414b2256eb75ac2d466da276d17e8bd9f

    • SHA512

      155a8d9fe2fe238cbc341cb0f088b5be0b58bc2f0ab70eae488972c0e8cd0e16ae3afef64ab96e0c63f14ac53b2ab167f906e2b94bec7ba87b494121edf5ed67

    • SSDEEP

      6144:Ra3lDLZaFal9tiA1GzrTJdln27EEvdABkVJAOlRs5DIcxkjSuo64hTQ0IL0QpC7K:RUlD9aFal94PDlGuBk3Js5DIqjv

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
4/10

behavioral18

Score
7/10

behavioral19

Score
4/10

behavioral20

Score
7/10

behavioral21

Score
4/10

behavioral22

Score
7/10

behavioral23

Score
4/10

behavioral24

Score
7/10

behavioral25

Score
4/10

behavioral26

Score
7/10

behavioral27

Score
4/10

behavioral28

Score
7/10

behavioral29

discovery
Score
3/10

behavioral30

lumma, discovery, stealer
Score
10/10

behavioral31

Score
1/10

behavioral32

Score
1/10