lumma | fb5fdba6e89240c8b99c11923471a72975e0026e5df97dcdd3c41caf759527cf

Resubmissions

22-11-2024 11:45

241122-nw5j7szme1 10

22-11-2024 11:43

241122-nv4arazmdv 10

Sharing

Copy URL

Twitter E-mail

General

Target

Microsoft-Flight-Simulator-2024-Crack-main.zip
Size

9.0MB
Sample

241122-nw5j7szme1
MD5

744a2b0e676d60066f52e1633724ac6e
SHA1

a79fef883557e49ed5a923d920d4178fcdbc2a0a
SHA256

fb5fdba6e89240c8b99c11923471a72975e0026e5df97dcdd3c41caf759527cf
SHA512

691f4a1ccb47951b0b9973edfce56200e7ee3337e2f7d19bf86beeba03d25ddb3d2e9c563d9322a2ab27becacafa27c7d2ab40f7c5eb5a0c2e0079f6d0d00b39
SSDEEP

196608:wAN6NV02cQGZSZyWCidFEs6CHdeuYqBOEom0vBYOzssK0kgApMe+02CnsjUQNrIl:wm67lL+KG4iFEwWOJmGB9aar9geUorng

Score

10^/10

Malware Config

Extracted

Family

lumma

https://fumblingactor.cyou/api

Targets

- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main.zip
- Size
  
  9.0MB
- MD5
  
  744a2b0e676d60066f52e1633724ac6e
- SHA1
  
  a79fef883557e49ed5a923d920d4178fcdbc2a0a
- SHA256
  
  fb5fdba6e89240c8b99c11923471a72975e0026e5df97dcdd3c41caf759527cf
- SHA512
  
  691f4a1ccb47951b0b9973edfce56200e7ee3337e2f7d19bf86beeba03d25ddb3d2e9c563d9322a2ab27becacafa27c7d2ab40f7c5eb5a0c2e0079f6d0d00b39
- SSDEEP
  
  196608:wAN6NV02cQGZSZyWCidFEs6CHdeuYqBOEom0vBYOzssK0kgApMe+02CnsjUQNrIl:wm67lL+KG4iFEwWOJmGB9aar9geUorng
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/Asobo Studio.dll
- Size
  
  9.9MB
- MD5
  
  c140f81387c20ab98b20f5f217e2a752
- SHA1
  
  8ef7d2e5e948780bdd9e71a362a56f710463fbfa
- SHA256
  
  0337b3c516f0a43ebe9f316c366de7e9d937e33c35fe940095435ba6e883fc79
- SHA512
  
  7dad1c8e1e7236a1b548ccb37d451ed077441e610989e4a31af152fa3c1b606727da86102655eb3072c0394fe2e103c54436a75c28d1d25276050a40a4dc1f8e
- SSDEEP
  
  196608:tgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgfSgf3gfSgfSgfSgfSgfo:tQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSA
Score

1^/10
behavioral3 behavioral4
- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/Microsoft Flight Simulator 2024 Setup.exe
- Size
  
  570KB
- MD5
  
  d9d221384b7ac1af1cb64bd042cb16e3
- SHA1
  
  6a7c441f093ed49fa0f708a52a830e62ec2f5ce9
- SHA256
  
  46d8066bf56c854646b39a04ad298ac22c81f3c9545bb439763c91e40bdc0655
- SHA512
  
  dc52905cce2ee9bb75b15116c5f825ff295ca256bfc2c12d3cab349aaa2916cbd1970e142ff9a296ee80734b719cca68d5519c7328d18d51bbd3d482228f0b8d
- SSDEEP
  
  12288:ro3gygylSwAN2kLkhn23cVkolDApUPnR7YYRFyrcHvra9lr7v:U3gygnN2kLktscVkolDApUfR7vRFyQWL
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral5 behavioral6
- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/README.md
- Size
  
  1KB
- MD5
  
  e2c5b9bd487925f51dda2c4fdf7db7eb
- SHA1
  
  d18c329dc890a0f4b4264e3fd9ce73c431d13bc7
- SHA256
  
  06632a2e4bd94f3f79bce43337d9fb8611a98a9f708de0bbf4df929d30a72cec
- SHA512
  
  8ed3cf102be01646940096daee5daeb0d46a79fb44abad6d21f020dd505b789198586cbe7c68fe0ae945d3e41a371b4b7a55aa09400474d3addfac2b928c31ae
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Microsoft-Flight-Simulator-2024-Crack-main/installscript.vdf
- Size
  
  631B
- MD5
  
  1a792aff29d6f07d1c3381634ba6baff
- SHA1
  
  f2c7bb49ccaf63ffcd38d06dd2d51095b08d4344
- SHA256
  
  270d2a3eef463b768ca4368e62444a7ccaff4e98c71f2ca05b721bfef2e03e05
- SHA512
  
  3971dee038f1cd1aacf9151196a53e2bfbf4bc9a665f60ae79309b5544d81a733e3f7b9db422e17c5a95ba2930248be408e6fbf877f8eb12235277f46af5a4f1
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10