lumma | 0568e45dfc54c298f485c20a0a309764fc0008fd525e20e524d8ab00c348056e

Sharing

Copy URL

Twitter E-mail

General

Target

bun_sss.zip
Size

38.3MB
Sample

241122-r9dkesspgx
MD5

06aba88c1f567e57302d7795fd2c6f9b
SHA1

7330bc3db18c0232a7a64fa01a312fbccc795dad
SHA256

0568e45dfc54c298f485c20a0a309764fc0008fd525e20e524d8ab00c348056e
SHA512

50cbfeffd13fecca9a5bba62cdf047642340294cda0f523d4032b8c751a3184b1551b0144457a2ef3f96437237ef09f3082ad09faa7cf27724fd6a3eb9eab765
SSDEEP

786432:fDXtgygLHDOmSokzCXNdZ28tJbexPHEpT6YGrvkAX:fD9gBjOeAeNd8uAPHb3jkO

Score

10^/10

Malware Config

Extracted

Family

lumma

https://conceptionnyi.sbs

https://platformcati.sbs

https://nervepianoyo.sbs

https://qualifielgalt.sbs

https://smashygally.sbs

https://fightyglobo.sbs

https://modellydivi.sbs

https://pioneeruyj.sbs

https://matteryshzh.cfd

Extracted

Family

lumma

https://platformcati.sbs/api

Targets

- Target
  
  Setup.exe
- Size
  
  3.7MB
- MD5
  
  ed8270f3a1801ded0ce6128a8e4eea5d
- SHA1
  
  d74b43cfaf1136ea00c8b297fdd912882e038c34
- SHA256
  
  5ed9ef629732a6f4b2b9281597584ad89556c4068a1750add78fbda56cc1390e
- SHA512
  
  7d2c6d94692f88e455e45af14db251932f9e84a0db4898468c25dd8ec1f658ae500c255e43ad700471dda5daa470e9d60ccc2c2d861eee668967eb42dea20152
- SSDEEP
  
  49152:WOG6bXfJFfq5nxDzFKEj13Qe95zBsrDvLlN1kjUSKVW4LGlJW6L84:WOXulzv13P5zuWjUSKVW4yeK84
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  _converter.dll
- Size
  
  40KB
- MD5
  
  8f73fb2a063127ec988dbadea5726566
- SHA1
  
  93c9419d26f92aa8e366a1f3bbd5ae33c75d72f6
- SHA256
  
  aa0c415f9383ee1ca1209acabb90523076c3c09242fcc5fdc43cc84d3fc7a79c
- SHA512
  
  93d885964637a48077ecd28883c9fad21aa92a92746c9545d28e6dcc2d805e47f649e0e593f7f00ce68a45226e8ad6a9692c5503d810126c65efb77ccc2668c2
- SSDEEP
  
  768:mqKSBKWrXrcmKp6VCXPUl+ltO16rOlbcPX/9Gh:LnsW7XjVCXPUl+ltO1F5c/Qh
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  _docx.dll
- Size
  
  3.1MB
- MD5
  
  69055da064a5373bb0fdb85db224bb39
- SHA1
  
  fd10e8f55501eaad3d30f6b0f87ebc28c981285c
- SHA256
  
  ee0ea5e0801f75a257330f40aa1fe30332802c269dfbec55013da5921c00aa93
- SHA512
  
  8d483a863e9d2bf14889a5fddb41fc7d9e3d9070d1c3b9acb4b62ad749cff394e62368b11a5bbecddb9498c5a0d27766b86bf1a1ae7c2ea4a7dfbbf5f4afff74
- SSDEEP
  
  24576:lXuJeis57+YnvidJXKXPmJp+UgxIGk0dVMuCUcmD1YRjs/cVtViyNXXB3BiWdPIe:9l3KnXkW+U5TiE/t/BDdM6V/Ke7Ac
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  _freeimage.dll
- Size
  
  4.9MB
- MD5
  
  fc41d17a256ee38a5b97937b3253fc42
- SHA1
  
  300ac8366738fcde7dfc110cfc0e93c3fd152ed9
- SHA256
  
  db87ec8535464707479cf5f7c5b16f984295b83aa7132bab350076401d1c5be6
- SHA512
  
  ac95ced5593a660e5a6f1b0b310fa14b837c548fb213ff12b7d55428ff25af9283ae331032cbcad674d9ea1c4ac57cdbe0d37b3198a08b023fe950ac006862a4
- SSDEEP
  
  49152:X2eIPddf16saZ2zF4d/LKUSdxMXk6d3ka79/Na7mZ96kB/cOiT4GRlKWn:GPPppyWHMUS7Nc7KJslK
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  _glib.dll
- Size
  
  1.6MB
- MD5
  
  d3c97a47a0639db5e65ea7f25561d536
- SHA1
  
  2c311c2889143eb53027a652f3f95d14d2100a10
- SHA256
  
  70c2f0505cc84cc86749ee786450e790f2ac7d38ca0c7a9126b3ea625422f4d4
- SHA512
  
  dd35adc1dc9b8df8f3a641b46ab97a628cd10fbfff62059b10e0db3d0396b7eb5c0f580d9ebc767f82d5f4c7f4a63d8e2a8cc6ed2d9a01bf79415ec1bb093195
- SSDEEP
  
  24576:AyhDzjoYAc9CuVSzjV8j5Nmx0IZB+yKdF0AVWtv8ZmbdU:XHChx0IB3KdtWtv8MdU
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  _gsf.dll
- Size
  
  65KB
- MD5
  
  af0bcb5013473bb717cc9caeb4125c8b
- SHA1
  
  8259f5bf66751e2d0f6292a813ae04e1908d1c10
- SHA256
  
  804812472df894901f76f472c1bed3c539600d0dcf9af52c403523515687b2a2
- SHA512
  
  f177cfa81782c3c7bd7c8ff68b12c060abdf54e568309849a6acf793773ef358de6649d6550af3b0ab9d6db9d9a5dfa894c585707603da04a9930aa2299662c5
- SSDEEP
  
  1536:EogK8BDoFNALxrrjSxFtPTdomdwsajz388:EogjZaNorrjS9bdomdwsOz388
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  _myio.dll
- Size
  
  711KB
- MD5
  
  517840868dc9466c94a1e352d3cd5a21
- SHA1
  
  5901f5bbb72e7cb6b225b68f7daeef4556fd8454
- SHA256
  
  c0e001985d9470c6703c92f08a0f46877140e07ff00cef5dcd89c78a2cb8d377
- SHA512
  
  7ebe5c472c6f62c47a76619c7bf83f64103352115f79496e6b552dd1a1ff6702263cad180c67040c1a1da562060011ddc30f1e9b52c3ee23fa83297382e6e43a
- SSDEEP
  
  12288:OK5Bf2+ou55C9PpM27PZ1QdczLjsRWl/nC5aEtfiIbpYIH9F/grvVfXnNJgD:Ow5rrCdpXPzUcz2WlW5pYw/grt/e
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  _ppt.dll
- Size
  
  501KB
- MD5
  
  e9665bb13f3fd1cf9b53c053003b5e5f
- SHA1
  
  ede1998eaf8911c41e6d79bf3bf6f780d66762d7
- SHA256
  
  60346c9ce8230bcdfca6a24a4063f159480a82342262e7fc7895f069f10c1cdf
- SHA512
  
  fd7713ea2b84daf7a4b18cb8b12c056920d20a32f742a323654482edac82a3c8743d88a9127712cf0e00dc0c45db9311ebf1b188c44b8aebd24cecf152f45c8a
- SSDEEP
  
  12288:X14aVufAnS60ZoYTvcKptABReM9fEWmE350:YYnQoYTvh8BUMWZS2
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  _pptx.dll
- Size
  
  499KB
- MD5
  
  c2ed80f6ea1d6d4322c62cc1c1ad5166
- SHA1
  
  0549e015c4254d60733f2d5aa2ab0178c888c9d1
- SHA256
  
  f05c1f6a89d5228bb96bdb4c2feb9a2f284cd647348d7dfbf438e54b1b8ad21b
- SHA512
  
  282ebf7d20f284c7cdf31e14635ad363a02d849ed8895c4dc7853d1f619f732946e514c5b173a7ae4aee0b3d7dc3b5a5d63b4d25e508e880cfc2668d80b1bf4d
- SSDEEP
  
  12288:SsqT/5F436XxWJOEo4GHsvkIcejdhhQfEWmJAX:4eqXxN4GHA7jfhBZyX
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  _wv2.dll
- Size
  
  687KB
- MD5
  
  da04a070869b9fe12b6734c552904bc6
- SHA1
  
  0bbcda0a005aea7dba708fd0009f1f192ea91e65
- SHA256
  
  f0df451dd298cd459bb08d3d6a316b583d70bc5d9e8d583f0ea7ca6ffd95c175
- SHA512
  
  9b5d01413ad9cc7fba4c999b801735b0194c044882ffb526fb431bed65a5eae8b35252346cdabdcae39fa6358d0a1e943ebc4db863afaaf482d863ca5353c75a
- SSDEEP
  
  12288:bADi5HtiWa40gQOyXV53qIevq7CV7Kqc37PSlafEWmkr:ceh9lryKIev2YKqU7PSlfZC
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  _xls.dll
- Size
  
  489KB
- MD5
  
  587cc40006d6675edc8c4e9e7b25ff04
- SHA1
  
  fdfc4944f5b54757f06f9b4d16577c9791d90c41
- SHA256
  
  daf81f2a198a6be19549e1587f5ef1e750c858f7d890368198865e7110ffa91e
- SHA512
  
  ba923e7902a9ede29b6274d1f604e5eb21cc826a0e5d290ab263a1f8713e4b62e2a8deda0026bb01b65008703c37aad97449e562f3f6f97e9d6b0017f463eda3
- SSDEEP
  
  12288:oGZnd583ZZNG3f7OXWsG309kZJfEWmLwQ:dGzNUOXWpokUZ8Q
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  _xlsx.dll
- Size
  
  501KB
- MD5
  
  74397528351ecf67517b7fc3b9278648
- SHA1
  
  e5cd0c0d4d360639ba47e1ccdf93e062053bf161
- SHA256
  
  ca260f024587ae1fde8f8e17585078df81fda26b95d1cef168731062a5f9c001
- SHA512
  
  1b6a27ce0c0865a05dc985bdf18a88b2bea8c45647a563f121c45b12196bd3e7d868940b292d5b275f48dea86d4b0832dc01709060839d65f96fc09c0968806b
- SSDEEP
  
  12288:EEGOOhvszPn3kRMFROe4DoT+UhJfkeP6OfEWmiq:EOpT3kQOe4DI+wf1P6jZ1
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  _xml2.dll
- Size
  
  958KB
- MD5
  
  5ee1b75df9a5015c170e2c9c3a07a915
- SHA1
  
  945332e7e42f48ea5b441dae1c29f4dd9f5ee78a
- SHA256
  
  54cf9063e65ded3e3dc7ad584e3a4d16605b75a4ed1d0e976b1932f8c285f313
- SHA512
  
  510af84847237d48fcb9f729cdec5a0ea7ababd7b0fa531a36c7c5f58bf587eec27df00038df203b9a81b70a95feba6801a113dd9107534db8911459a0767371
- SSDEEP
  
  12288:7rXCOtGnInX/7zhO3+OZOQc6/7dTs6rbkkKND49at9M1FI3JZGwd7lqEfQwRzXMH:7jCY8+OZ/A6PkkKNDaasatjqE4wRzXE
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  _zlib.dll
- Size
  
  59KB
- MD5
  
  76cc57b4913d3adb1b662009ef149d79
- SHA1
  
  4bf0eaa311b70b2d809260fbd2d39bc766940089
- SHA256
  
  9c0fd8899c3538bc5807ac4804376a562e5ae71699c142fe3f4a648263b790d2
- SHA512
  
  47e0533b6ddb7099b840881afb060b915a6e4f9463d71dcad6a329ca03b4048cca83625106af00e8a55c2ced686c4b65a21f58f0d2e5c0a3008b4f5d67aef2d9
- SSDEEP
  
  1536:cYp1b8GzOULTYAVHp+nToIftIOjIOyMH:NqgjXYA/aTBfnFyMH
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  avcodec-57.dll
- Size
  
  10.5MB
- MD5
  
  956482fb13bf0a96fc5e20efaeaccae7
- SHA1
  
  87d42855ba7c01a750102e4659d079d32c6c4b3c
- SHA256
  
  974e64cfeaa3f7eb0545e048a117e9201bb3d3573c83edf7b62b3d32ec7a06ca
- SHA512
  
  a25106f6cc10e41baed145f6735aa6c32c540d96ad8a6a1a79a0f808ec302b4dd900025e45215954400b5d97505aa135f0c3b41c913f7f729316d14209268503
- SSDEEP
  
  196608:2w7bvC7CxHcacQscpfg2eqFsEs5ts5Mr90IorUrHepPWgc:vCUHc3QJC2rUrHepNc
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  avfilter-6.dll
- Size
  
  272KB
- MD5
  
  5b2a396ba37016a8bdca080ffeabc7c4
- SHA1
  
  8cd041aed746ed44e6ebbe7254da6235c9e8f603
- SHA256
  
  266769059ab9f3af801f73f8a579df23764db38a3b6fbe23719fe8f06788d92a
- SHA512
  
  9912cbc2a9721120cd3ba88a0e1710feafb3caa3642841beb2eec614e4b26ee90e5781121326aaadaddaacfb97c89f4b4f14ab8fd2659684c92b78c9fa3d1795
- SSDEEP
  
  3072:QwZZP2Zh2G7WlqT6Xg05Nl2UJikrvU0pOtb2qopnn16K5eW5:Qw3P2j2G7WlUB4NpOtbmnnEc
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32