lumma | fb5fdba6e89240c8b99c11923471a72975e0026e5df97dcdd3c41caf759527cf | Triage

Resubmissions

22-11-2024 11:45

241122-nw5j7szme1 10

22-11-2024 11:43

241122-nv4arazmdv 10

Sharing

General

Target

Microsoft-Flight-Simulator-2024-Crack-main.zip
Size

9.0MB
Sample

241122-nv4arazmdv
MD5

744a2b0e676d60066f52e1633724ac6e
SHA1

a79fef883557e49ed5a923d920d4178fcdbc2a0a
SHA256

fb5fdba6e89240c8b99c11923471a72975e0026e5df97dcdd3c41caf759527cf
SHA512

691f4a1ccb47951b0b9973edfce56200e7ee3337e2f7d19bf86beeba03d25ddb3d2e9c563d9322a2ab27becacafa27c7d2ab40f7c5eb5a0c2e0079f6d0d00b39
SSDEEP

196608:wAN6NV02cQGZSZyWCidFEs6CHdeuYqBOEom0vBYOzssK0kgApMe+02CnsjUQNrIl:wm67lL+KG4iFEwWOJmGB9aar9geUorng

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://fumblingactor.cyou/api

Targets

- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/Asobo Studio.dll
- Size
  
  9.9MB
- MD5
  
  c140f81387c20ab98b20f5f217e2a752
- SHA1
  
  8ef7d2e5e948780bdd9e71a362a56f710463fbfa
- SHA256
  
  0337b3c516f0a43ebe9f316c366de7e9d937e33c35fe940095435ba6e883fc79
- SHA512
  
  7dad1c8e1e7236a1b548ccb37d451ed077441e610989e4a31af152fa3c1b606727da86102655eb3072c0394fe2e103c54436a75c28d1d25276050a40a4dc1f8e
- SSDEEP
  
  196608:tgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgf3gfSgfSgfSgfSgfo:tQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSA
Score

1^/10
behavioral1 behavioral2
- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/Microsoft Flight Simulator 2024 Setup.exe
- Size
  
  570KB
- MD5
  
  d9d221384b7ac1af1cb64bd042cb16e3
- SHA1
  
  6a7c441f093ed49fa0f708a52a830e62ec2f5ce9
- SHA256
  
  46d8066bf56c854646b39a04ad298ac22c81f3c9545bb439763c91e40bdc0655
- SHA512
  
  dc52905cce2ee9bb75b15116c5f825ff295ca256bfc2c12d3cab349aaa2916cbd1970e142ff9a296ee80734b719cca68d5519c7328d18d51bbd3d482228f0b8d
- SSDEEP
  
  12288:ro3gygylSwAN2kLkhn23cVkolDApUPnR7YYRFyrcHvra9lr7v:U3gygnN2kLktscVkolDApUfR7vRFyQWL
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

lummadiscoverystealer