lumma | 377da081c9175a94c2e49dbcea5c46f20e7c87d35f8f6898730216ce45aa8dfe

Sharing

Copy URL

Twitter E-mail

General

Target

Temp-Spoofer-Lifetime-main.zip
Size

6.4MB
Sample

241124-yc1r1swjfy
MD5

777551fdedd68c6140afcade3e6f29d2
SHA1

2ac674af5eef628831647a470204e7fb08c6b26a
SHA256

377da081c9175a94c2e49dbcea5c46f20e7c87d35f8f6898730216ce45aa8dfe
SHA512

bb3ed5833596830eea0e602398b0293292273ad87c83fbdef7d936d70434b48a45fedb7bdab1a005187bbcc072fc2cb2a44d0769fc3dd806330581b255c5632f
SSDEEP

98304:2KUQjQvEZtdlkUjBh1ttcP5EtYeqtHl8L8Vfih4NB6g6uyDbucwu1Io3:2KUQj2EDkUjHOB9e85V6uN07/uc71d

Score

10^/10

Malware Config

Extracted

Family

lumma

https://pedestriankodwu.xyz/api

https://towerxxuytwi.xyz/api

https://ellaboratepwsz.xyz/api

https://penetratedpoopp.xyz/api

https://swellfrrgwwos.xyz/api

https://contintnetksows.shop/api

https://foodypannyjsud.shop/api

https://potterryisiw.shop/api

https://extorteauhhwigw.shop/api

Targets

- Target
  
  Temp-Spoofer-Lifetime-main/TempSpoofer.exe
- Size
  
  554KB
- MD5
  
  613df599866679f7f19d12ff86220db8
- SHA1
  
  33a2f464888fd8aedd2c4cd8f79e9e43321d8465
- SHA256
  
  65f8e0e219637833386b6cfe27bd2f8446a214f02149628c63dd0329501e17e6
- SHA512
  
  4091dc9ce75e7ff9a1131aa200e30ca293a8619a616bce17a4f5fa6e79602848efd422be64be7af8aff3c99f75536d2ea45dbcf1d7afb0a7998a0526bf76ce13
- SSDEEP
  
  12288:2Nqf82rBbd4Qlj68ZEpv/7B+WIOzys7AsMC6WReVDTKwWZwfwsBAlny7Jc23OBuB:2s82ZWQx6AKsWL
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Temp-Spoofer-Lifetime-main/imgui/imgui_widgets.cpp
- Size
  
  398KB
- MD5
  
  4c861b508d279476cabe905125f9f22b
- SHA1
  
  21c66b34182e7a9cb3e9ba19480854ceb622d3a1
- SHA256
  
  c5411fb7b51416995e97478bbb2c77ce752090e41ffaed6aa401936247494cd5
- SHA512
  
  6f3b9edb38a124670764ccca43adf9c5be86dc23fd623b33bf50412125bf9782ff69a4a558e1fac5e5dbdc66b8f647c32a7306096f2afd91dc05b06a2a9e627a
- SSDEEP
  
  6144:mTSoo34Q5XfG21IV+gskMM2MpwFWk1O1EU:mTSoo34Q5XfHwMM2MpYWk1O1F
Score

1^/10
behavioral3 behavioral4
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/net20/Newtonsoft.Json.dll
- Size
  
  557KB
- MD5
  
  2c41a312a9fb88d4d941af966b91510c
- SHA1
  
  488fe552cec6c1eebcd87f13061276bb09f46469
- SHA256
  
  500eb5560aae4d3a4d7dc4c61a880906ed0231f1a636113f74778b86eaf979b1
- SHA512
  
  ca4d6314c684df6684fbce099b6ee3cbd0a53a64110e5c996cda13bdd67aa8659bfb4ad806c5509bd6d6f3aa90f1bcda917a62754a78a734cd1d2f9fd08f56af
- SSDEEP
  
  6144:lU3Xko42dAQX23EkyF/D2twQ+87e4YWOXoyRl/2uTkVal/BuCia/WAulFh:Ck3g6EkR2g7eZ9R3keBoAuZ
Score

1^/10
behavioral5 behavioral6
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/net35/Newtonsoft.Json.dll
- Size
  
  493KB
- MD5
  
  1390b082700afc53a7aa320f3259325e
- SHA1
  
  8f72572ad084ef145fd3286930af6b70ba622384
- SHA256
  
  7beb6a951b92af14322a382cf105fff8d0dc63518b33556b98e09daca0cb6d07
- SHA512
  
  ace3b9548bb8d29805673ac4611a141e4c026c5d09a63bd399f904d28ea274f9e0ff682b99adce25a66ccdd7e3f03e0a45ca9ae0a67e88d9d1c83cb34180b8d6
- SSDEEP
  
  12288:ZmKLDa2Tqte5+7OWpP8gkRCj7gBEA+PeKjJc:Die0/pP8gUwcBEAMeKdc
Score

1^/10
behavioral7 behavioral8
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/net40/Newtonsoft.Json.dll
- Size
  
  560KB
- MD5
  
  8f81c9520104b730c25d90a9dd511148
- SHA1
  
  7cf46cb81c3b51965c1f78762840eb5797594778
- SHA256
  
  f1f01b3474b92d6e1c3d6adfae74ee0ea0eba6e9935565fe2317686d80a2e886
- SHA512
  
  b4a66389bf06a6611df47e81b818cc2fcd0a854324a2564a4438866953f148950f59cd4c07c9d40cc3a9043b5ce12b150c8a56cccdf98d5e3f0225edf8c516f3
- SSDEEP
  
  12288:ZzfhypmNGgHA37YyUD1AboTf3xnpJbC8VGSBJjRuz7:ZoI1AbQf3xnpJbC8VLBJjRuz7
Score

1^/10
behavioral10 behavioral9
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/net45/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral11 behavioral12
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/netstandard1.0/Newtonsoft.Json.dll
- Size
  
  653KB
- MD5
  
  a54b7154ad22f506e27fcd5313c25914
- SHA1
  
  55ee4f0e7c24633ecf1e26cb85e2853fded03553
- SHA256
  
  90bcd0b2d3a190a885218d44edb6434a431b0c85ba992ba753657f3319bef06f
- SHA512
  
  c3ee26810062255be9096eb2976f13092f1ddaadc572e8de2d8bdaca4ba8a622d11e7e30f6172a358ec01eb3370b86425b8534bf5e4a8b9df02e6c9f2cbd973f
- SSDEEP
  
  6144:ajQLu6eR/8HEjm4y3QggkYZs8xdmkaC/L1LiKHxo/SKpzxRGZz53YWDkdBMVy7WY:a8ZeRtq4PIYZ2ooqAkfY2da2AWAl
Score

1^/10
behavioral13 behavioral14
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/netstandard1.3/Newtonsoft.Json.dll
- Size
  
  671KB
- MD5
  
  35ed5ebd574d619b52041dabd496c632
- SHA1
  
  05c08405fcdc423eedf85d4a6db054720e3c4544
- SHA256
  
  7fb7842edcf315f09b9bd3d3664454148562f09d5cbfb1f2e64de914dc4c8a60
- SHA512
  
  8ba72977b84f645e230d1b1bc6373c3051d993add7576825ab31ed4b2c0e28df5e40842ca190d38dae95f28599a93d366fa06c671e0c812cf7dc1c9d7d8ae785
- SSDEEP
  
  12288:bFGG5+vT3hQ0zJjVNKHuTZDfJLjmQDCB5p:gGiTJzN7TZ1LjxCB5p
Score

1^/10
behavioral15 behavioral16
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/netstandard2.0/Newtonsoft.Json.dll
- Size
  
  677KB
- MD5
  
  9454ae6eb0c6ad77e93a95074ba29266
- SHA1
  
  df83fcb3639596ad42d5be8314ef9d672079198b
- SHA256
  
  99177a4cbe03625768d64a3d73392310372888f74c3eb271cf775e93057a38e6
- SHA512
  
  8d1d2bedde2d5f33179560e1a4f72206ee1984b3f5eb96e93f94329c4c4a8044dd74d62f9e708293132de8c8f351f0e7fed74a450a251a8ade205702b29d9de1
- SSDEEP
  
  12288:SW7laYjrY+5lqoa34DOyPsoD2AgBSjq13P:xP0iqoi4DpEBSjqVP
Score

1^/10
behavioral17 behavioral18
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll
- Size
  
  457KB
- MD5
  
  d5178a9a304c0e069250584352b2ffde
- SHA1
  
  7f882cdf5d8bf4c9cb778d7e4f7acc6898daafdd
- SHA256
  
  b2ecad4214e4f033387284edfa345dbf119be82193ba14f5373d1532d13adafc
- SHA512
  
  21eec59addd91393181503c0d59e5904a12318f68d3578f52f4479253a5038b144e8f78420ecdfc94ea5b2e6c3af969028b1ec6c3f43a788ab603ace54927d73
- SSDEEP
  
  6144:12GQyV6/vgHVeM50fIiHWzFU8atXySolOQv383n+GcRYYalZ+sYd5A8QNjUdY:12GQFvVO0VV9VQvM3+ZRYkA8gS
Score

1^/10
behavioral19 behavioral20
- Target
  
  Temp-Spoofer-Lifetime-main/packages/Newtonsoft.Json.12.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll
- Size
  
  652KB
- MD5
  
  5132aa8a39fd5a53ff491e3931d2fc0c
- SHA1
  
  5cfe9782649c73e704cac00cb6b3d99e409bd80e
- SHA256
  
  bfa3658d682a2fc64456bc3df44129db122f5be256d930c06c39474b7d108972
- SHA512
  
  5a0a0cf39dbe4a4488c6e564f7238e78d7fb8759a06fb0160f6b5befca50ad216d8212b2eb6628559c2e9ef450032043971dfdb9ea2767a988e0428c6eb40a30
- SSDEEP
  
  12288:4mg+s4QIqDCWk8bhhdngX3X3X3XQMsATXO:VoIqDC58Nh5gX3X3X3XtsATe
Score

1^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22