lumma | 0568e45dfc54c298f485c20a0a309764fc0008fd525e20e524d8ab00c348056e

Sharing

Copy URL

Twitter E-mail

General

Target

bun_sss.zip
Size

38.3MB
Sample

241122-svrzyatlat
MD5

06aba88c1f567e57302d7795fd2c6f9b
SHA1

7330bc3db18c0232a7a64fa01a312fbccc795dad
SHA256

0568e45dfc54c298f485c20a0a309764fc0008fd525e20e524d8ab00c348056e
SHA512

50cbfeffd13fecca9a5bba62cdf047642340294cda0f523d4032b8c751a3184b1551b0144457a2ef3f96437237ef09f3082ad09faa7cf27724fd6a3eb9eab765
SSDEEP

786432:fDXtgygLHDOmSokzCXNdZ28tJbexPHEpT6YGrvkAX:fD9gBjOeAeNd8uAPHb3jkO

Score

10^/10

Malware Config

Extracted

Family

lumma

https://conceptionnyi.sbs

https://platformcati.sbs

https://nervepianoyo.sbs

https://qualifielgalt.sbs

https://smashygally.sbs

https://fightyglobo.sbs

https://modellydivi.sbs

https://pioneeruyj.sbs

https://matteryshzh.cfd

Extracted

Family

lumma

https://platformcati.sbs/api

Targets

- Target
  
  QtAV1.dll
- Size
  
  975KB
- MD5
  
  9d70b143da5db12d03c7acc92a156db2
- SHA1
  
  b210788a2049713db4027c828d742c8fe137398e
- SHA256
  
  d8b6d171b5ce0e195933107ab655b177e821756d285a60a900a17d5fd872d889
- SHA512
  
  af3621a4181a0220f0f8d2a5eebefde1792b3403f9fbcfbc68ac11df863992bf5ef0727b5160d6880be0369b6ef6622f8d08c1113ca3b73c512807fce63dee9c
- SSDEEP
  
  24576:OIG/aFYS0lojipU+ILENMOg+jrj1ubBGnBzLGIZyaktwshp3BnmEt0i52geph4f:OISwlnBmEt0i2gephW
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  QtCore4.dll
- Size
  
  2.4MB
- MD5
  
  34e13d090fd30ee1cbae54c6e43bab88
- SHA1
  
  08a459adffc9f6d69ec82ea19b2e2683b5979083
- SHA256
  
  20912177d5978cf3b7fd9fce3f5f5cab93c70c3ff83640dc7c2adf1734cc0551
- SHA512
  
  d0694b68aa5c2b4c34957e9368178a53bbcebac3989c354a23c3af918c5d1523409762b5505ee1eeccbaf8e7d0b15beeabe9c8266bd7fa73ebe3773d6516e9cb
- SSDEEP
  
  49152:6tEiMHV9Rp549FQJsv6tWKFdu9CxT+LyvL/6mShMZtmjNUVrciV5P+7QVg07Ku:6tEiYPJsv6tWKFdu9C
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  QtGui4.dll
- Size
  
  7.8MB
- MD5
  
  80357749ddebee8e7c726e5521ddaeb4
- SHA1
  
  9194e9227ccc27ab8e4185dfb255babc06335ef6
- SHA256
  
  90eb6f66b31d7d1f9b41e9079805581e4981ef3192d1332c50b1f51493dd5088
- SHA512
  
  c16cdd33c5721be262dfb51a66eca07261092697bd18acbf7b06d2e6c636a51bac972701be4792f29cb7aa4a81ff616f57117a96a3ecd2ae08697fddc50c9e5e
- SSDEEP
  
  98304:gx0Cc8ZiExppPP13l1+rshWLCfE48ZIzenh64XX7G:gx0IZRxpFN3f1hWLCM
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  QtNetwork4.dll
- Size
  
  998KB
- MD5
  
  959a49de88bef582f7bc9f4820d663ef
- SHA1
  
  d504ef61d3f28e7eb862e085fff7c0d0e88c232e
- SHA256
  
  d01d41bfb2f8e73ea34fee35f27b865a076ff51018c134bb2d63039c6939bf1a
- SHA512
  
  0e5d30ea830e22695745c24c3e915bc29caeda420ff77f0dbb5e90787bd00065bc87870dbd743c18e577acafa62c93208d10e9bcc4d4e1bba033995f777c4668
- SSDEEP
  
  12288:iemsjP2JR74HxtsompV0m+BLbAHURf7nvtxnAQ2GgX2:jHO774HxKp3CSuLAQ2z
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  QtXml4.dll
- Size
  
  339KB
- MD5
  
  0b4b1d9d360d361dbbfbe54591dc653f
- SHA1
  
  27e293d87cf80aa521ec3a87ca1bdf9900d2bc48
- SHA256
  
  4064d189d7fb4a9c3a1d8baf50f3da3c67543f654330603efb6ab90ee669f508
- SHA512
  
  5870d09b086bdd2224c6d546651930dae5c10cf1a7db240d3cefee723a497464227c9ac92f1f74521c44526d99a2ac51b12e3916fdfb4e3a5d7fcf507f8b675d
- SSDEEP
  
  6144:LNSTlrL8mi0s+VPJCld4bJUsJOmhBLmDJR:LNSTlrBi0BV8fgMDv
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Setup.exe
- Size
  
  3.7MB
- MD5
  
  ed8270f3a1801ded0ce6128a8e4eea5d
- SHA1
  
  d74b43cfaf1136ea00c8b297fdd912882e038c34
- SHA256
  
  5ed9ef629732a6f4b2b9281597584ad89556c4068a1750add78fbda56cc1390e
- SHA512
  
  7d2c6d94692f88e455e45af14db251932f9e84a0db4898468c25dd8ec1f658ae500c255e43ad700471dda5daa470e9d60ccc2c2d861eee668967eb42dea20152
- SSDEEP
  
  49152:WOG6bXfJFfq5nxDzFKEj13Qe95zBsrDvLlN1kjUSKVW4LGlJW6L84:WOXulzv13P5zuWjUSKVW4yeK84
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral11 behavioral12
- Target
  
  _converter.dll
- Size
  
  40KB
- MD5
  
  8f73fb2a063127ec988dbadea5726566
- SHA1
  
  93c9419d26f92aa8e366a1f3bbd5ae33c75d72f6
- SHA256
  
  aa0c415f9383ee1ca1209acabb90523076c3c09242fcc5fdc43cc84d3fc7a79c
- SHA512
  
  93d885964637a48077ecd28883c9fad21aa92a92746c9545d28e6dcc2d805e47f649e0e593f7f00ce68a45226e8ad6a9692c5503d810126c65efb77ccc2668c2
- SSDEEP
  
  768:mqKSBKWrXrcmKp6VCXPUl+ltO16rOlbcPX/9Gh:LnsW7XjVCXPUl+ltO1F5c/Qh
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  _docx.dll
- Size
  
  3.1MB
- MD5
  
  69055da064a5373bb0fdb85db224bb39
- SHA1
  
  fd10e8f55501eaad3d30f6b0f87ebc28c981285c
- SHA256
  
  ee0ea5e0801f75a257330f40aa1fe30332802c269dfbec55013da5921c00aa93
- SHA512
  
  8d483a863e9d2bf14889a5fddb41fc7d9e3d9070d1c3b9acb4b62ad749cff394e62368b11a5bbecddb9498c5a0d27766b86bf1a1ae7c2ea4a7dfbbf5f4afff74
- SSDEEP
  
  24576:lXuJeis57+YnvidJXKXPmJp+UgxIGk0dVMuCUcmD1YRjs/cVtViyNXXB3BiWdPIe:9l3KnXkW+U5TiE/t/BDdM6V/Ke7Ac
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  _freeimage.dll
- Size
  
  4.9MB
- MD5
  
  fc41d17a256ee38a5b97937b3253fc42
- SHA1
  
  300ac8366738fcde7dfc110cfc0e93c3fd152ed9
- SHA256
  
  db87ec8535464707479cf5f7c5b16f984295b83aa7132bab350076401d1c5be6
- SHA512
  
  ac95ced5593a660e5a6f1b0b310fa14b837c548fb213ff12b7d55428ff25af9283ae331032cbcad674d9ea1c4ac57cdbe0d37b3198a08b023fe950ac006862a4
- SSDEEP
  
  49152:X2eIPddf16saZ2zF4d/LKUSdxMXk6d3ka79/Na7mZ96kB/cOiT4GRlKWn:GPPppyWHMUS7Nc7KJslK
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  _glib.dll
- Size
  
  1.6MB
- MD5
  
  d3c97a47a0639db5e65ea7f25561d536
- SHA1
  
  2c311c2889143eb53027a652f3f95d14d2100a10
- SHA256
  
  70c2f0505cc84cc86749ee786450e790f2ac7d38ca0c7a9126b3ea625422f4d4
- SHA512
  
  dd35adc1dc9b8df8f3a641b46ab97a628cd10fbfff62059b10e0db3d0396b7eb5c0f580d9ebc767f82d5f4c7f4a63d8e2a8cc6ed2d9a01bf79415ec1bb093195
- SSDEEP
  
  24576:AyhDzjoYAc9CuVSzjV8j5Nmx0IZB+yKdF0AVWtv8ZmbdU:XHChx0IB3KdtWtv8MdU
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  _gsf.dll
- Size
  
  65KB
- MD5
  
  af0bcb5013473bb717cc9caeb4125c8b
- SHA1
  
  8259f5bf66751e2d0f6292a813ae04e1908d1c10
- SHA256
  
  804812472df894901f76f472c1bed3c539600d0dcf9af52c403523515687b2a2
- SHA512
  
  f177cfa81782c3c7bd7c8ff68b12c060abdf54e568309849a6acf793773ef358de6649d6550af3b0ab9d6db9d9a5dfa894c585707603da04a9930aa2299662c5
- SSDEEP
  
  1536:EogK8BDoFNALxrrjSxFtPTdomdwsajz388:EogjZaNorrjS9bdomdwsOz388
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  _myio.dll
- Size
  
  711KB
- MD5
  
  517840868dc9466c94a1e352d3cd5a21
- SHA1
  
  5901f5bbb72e7cb6b225b68f7daeef4556fd8454
- SHA256
  
  c0e001985d9470c6703c92f08a0f46877140e07ff00cef5dcd89c78a2cb8d377
- SHA512
  
  7ebe5c472c6f62c47a76619c7bf83f64103352115f79496e6b552dd1a1ff6702263cad180c67040c1a1da562060011ddc30f1e9b52c3ee23fa83297382e6e43a
- SSDEEP
  
  12288:OK5Bf2+ou55C9PpM27PZ1QdczLjsRWl/nC5aEtfiIbpYIH9F/grvVfXnNJgD:Ow5rrCdpXPzUcz2WlW5pYw/grt/e
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  _ppt.dll
- Size
  
  501KB
- MD5
  
  e9665bb13f3fd1cf9b53c053003b5e5f
- SHA1
  
  ede1998eaf8911c41e6d79bf3bf6f780d66762d7
- SHA256
  
  60346c9ce8230bcdfca6a24a4063f159480a82342262e7fc7895f069f10c1cdf
- SHA512
  
  fd7713ea2b84daf7a4b18cb8b12c056920d20a32f742a323654482edac82a3c8743d88a9127712cf0e00dc0c45db9311ebf1b188c44b8aebd24cecf152f45c8a
- SSDEEP
  
  12288:X14aVufAnS60ZoYTvcKptABReM9fEWmE350:YYnQoYTvh8BUMWZS2
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  _pptx.dll
- Size
  
  499KB
- MD5
  
  c2ed80f6ea1d6d4322c62cc1c1ad5166
- SHA1
  
  0549e015c4254d60733f2d5aa2ab0178c888c9d1
- SHA256
  
  f05c1f6a89d5228bb96bdb4c2feb9a2f284cd647348d7dfbf438e54b1b8ad21b
- SHA512
  
  282ebf7d20f284c7cdf31e14635ad363a02d849ed8895c4dc7853d1f619f732946e514c5b173a7ae4aee0b3d7dc3b5a5d63b4d25e508e880cfc2668d80b1bf4d
- SSDEEP
  
  12288:SsqT/5F436XxWJOEo4GHsvkIcejdhhQfEWmJAX:4eqXxN4GHA7jfhBZyX
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  _wv2.dll
- Size
  
  687KB
- MD5
  
  da04a070869b9fe12b6734c552904bc6
- SHA1
  
  0bbcda0a005aea7dba708fd0009f1f192ea91e65
- SHA256
  
  f0df451dd298cd459bb08d3d6a316b583d70bc5d9e8d583f0ea7ca6ffd95c175
- SHA512
  
  9b5d01413ad9cc7fba4c999b801735b0194c044882ffb526fb431bed65a5eae8b35252346cdabdcae39fa6358d0a1e943ebc4db863afaaf482d863ca5353c75a
- SSDEEP
  
  12288:bADi5HtiWa40gQOyXV53qIevq7CV7Kqc37PSlafEWmkr:ceh9lryKIev2YKqU7PSlfZC
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  _xls.dll
- Size
  
  489KB
- MD5
  
  587cc40006d6675edc8c4e9e7b25ff04
- SHA1
  
  fdfc4944f5b54757f06f9b4d16577c9791d90c41
- SHA256
  
  daf81f2a198a6be19549e1587f5ef1e750c858f7d890368198865e7110ffa91e
- SHA512
  
  ba923e7902a9ede29b6274d1f604e5eb21cc826a0e5d290ab263a1f8713e4b62e2a8deda0026bb01b65008703c37aad97449e562f3f6f97e9d6b0017f463eda3
- SSDEEP
  
  12288:oGZnd583ZZNG3f7OXWsG309kZJfEWmLwQ:dGzNUOXWpokUZ8Q
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32