lumma | 0b0469b06437b67cc72a596ac417a8467a36e723c5691525c9af92aeec4f639b

Sharing

Copy URL

Twitter E-mail

General

Target

FORTNITE-MACROS-EDITOR-V2.5-main.zip
Size

4.1MB
Sample

241126-yjjr3ssrgj
MD5

3285ecc7759ee81d00084011f5ddc0f0
SHA1

addf04dcb1956dea31f2966a7348806d3ca36033
SHA256

0b0469b06437b67cc72a596ac417a8467a36e723c5691525c9af92aeec4f639b
SHA512

4c207af7da8b198061636b622b8577343a4a8a61c0859e0b9cd38b8b569b8aa5112548608a9c4242f74c8c29e3908fda2194fb49373c8bfcda66f36028174e47
SSDEEP

98304:exle8Y8SyX67ClS7bxsuvKedVdXbiXUAnm+qkGVqLCXjtBAdI3:ei8Yz3BX9vDpLiXUB+nG0LW/R

Score

10^/10

Malware Config

Extracted

Family

lumma

https://covvercilverow.shop/api

https://surroundeocw.shop/api

https://abortinoiwiam.shop/api

https://pumpkinkwquo.shop/api

https://priooozekw.shop/api

https://deallyharvenw.shop/api

https://defenddsouneuw.shop/api

https://racedsuitreow.shop/api

https://roaddrermncomplai.shop/api

Targets

- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main.zip
- Size
  
  4.1MB
- MD5
  
  3285ecc7759ee81d00084011f5ddc0f0
- SHA1
  
  addf04dcb1956dea31f2966a7348806d3ca36033
- SHA256
  
  0b0469b06437b67cc72a596ac417a8467a36e723c5691525c9af92aeec4f639b
- SHA512
  
  4c207af7da8b198061636b622b8577343a4a8a61c0859e0b9cd38b8b569b8aa5112548608a9c4242f74c8c29e3908fda2194fb49373c8bfcda66f36028174e47
- SSDEEP
  
  98304:exle8Y8SyX67ClS7bxsuvKedVdXbiXUAnm+qkGVqLCXjtBAdI3:ei8Yz3BX9vDpLiXUB+nG0LW/R
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/FORTNITE MACROS EDITOR V2.5.exe
- Size
  
  550KB
- MD5
  
  ee6be1648866b63fd7f860fa0114f368
- SHA1
  
  42cab62fff29eb98851b33986b637514fc904f4b
- SHA256
  
  e17bf83e09457d8cecd1f3e903fa4c9770e17e823731650a453bc479591ac511
- SHA512
  
  d6492d3b3c1d94d6c87b77a9a248e8c46b889d2e23938ddb8a8e242caccb23e8cd1a1fbeffee6b140cf6fd3ea7e8da89190286a912032ce4a671257bd8e3e28a
- SSDEEP
  
  12288:SQ5vTleU6iA6AiJ/uJxZjUXUxYcuORWETWOORGzbZr4QClJJRJAr6Ok:SQ5pexaALoXe4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral2
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Family.dll
- Size
  
  9.0MB
- MD5
  
  2373e8926abd289334d46f4e74f27f74
- SHA1
  
  e843ce8fe497dda015ae070e2446d88b44b5a120
- SHA256
  
  71f5d38e9436fb0b2e88f7697567a501d6453de397c2ea72d56bc3a4d91cd022
- SHA512
  
  129e50b461ba1442e70327fe99403d7e5dc611dc5d075c3a11ce05b7fba12dc49a6ba0eb3193608437a490da2f974739ed321f761e8652a61d68543dc337c50d
- SSDEEP
  
  98304:BA4q3d0aAo533UlWykW2HB6ZJM9cYKPY:BA4Eyo50lWyj2HB6Zq99K
Score

1^/10
behavioral3
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Hotkeys.json
- Size
  
  413B
- MD5
  
  22d6840963463d4701c1007988b6d3d5
- SHA1
  
  ac24b723ca95d43ffce537d862f9e4acd0ca63ac
- SHA256
  
  74b3d5014c123d3bfcfbe8d671a22eece61f3b1d3c4feba93bc8105b67fc4d93
- SHA512
  
  898d4dc5dd00c085a3375beefebae9826058d17c4eae66703ace6c8f56c6405d4c86728ea9ffc523ba45d219f9c6778c326e5f261b2729762386018c04475f32
Score

3^/10
behavioral4
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/de_DE.json
- Size
  
  118KB
- MD5
  
  dacdc1ffe6a4abb4525a965707477992
- SHA1
  
  034d1a7b3d2fa375367741bf69adb34dc86e26bd
- SHA256
  
  b962f9fc1c554899beffb95de014146bc95339fbb1743596f3122dc5f847fd03
- SHA512
  
  f8bb6f8b630468cc97bf94aa6186c4a28117ab8d1a08124cc495cf7c6914be4ca696579ec5cea69195324f5710b430604b2cba9891ef920f927c75734e6d1a22
- SSDEEP
  
  1536:TG+M/On6HmjNbrVa1GVJ0kG3IH7ytHc0xaMXrKZSDJmcBUwi8A:UlCB+Hc0xaW+IJmoUwi8A
Score

3^/10
behavioral5
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/en_GB.json
- Size
  
  117KB
- MD5
  
  36be651fd251b325fc5ff8680b879350
- SHA1
  
  1f610af71d45d6db32ee8771fee9ae58b0f621f7
- SHA256
  
  a8fa7d9e54dd5518ad0532b667a7aae0e3a8f20f67558ff1bf25a216780fa639
- SHA512
  
  fdacc4da0da370931e95e4b50193d8ffd8a49001edf7236eb861ef57b577bced5b79167d64734a83ff303eb6e5a297c3fed2b21192745e389c01fb13ed7600f5
- SSDEEP
  
  1536:oURnttzJjRwuLjZiYxn95zmYHWc0xacYSDJmcBUwicA:oqDjZzWc0xagJmoUwicA
Score

3^/10
behavioral6
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/ru_RU.json
- Size
  
  125KB
- MD5
  
  90e5c3f55a7c8f95c34060f1c5b8cd2d
- SHA1
  
  4c5e9c01ebde4a0a9eb853d9373491f5244bf79a
- SHA256
  
  0d6326c48658396bc781e37d1b11260d524f04134e5abdfd4b8f5bc7d63b87ef
- SHA512
  
  d955721e2694eb0ff889a1fe4e8e40f8eeaa6843a30a29769579cea371ef8581b6caf54eb74ef1b0bbabe3b937121bb8dbe23d341cb4ab516d65a1ae28f2ea41
- SSDEEP
  
  1536:zp0zasru8IMgpSYxK950vxc0xab8YSmJScBUwi6A:zpSzu8IMgnxc0xabpJSoUwi6A
Score

3^/10
behavioral7
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/tr_TR.json
- Size
  
  118KB
- MD5
  
  284fa4410964c1078fca93f3500758b7
- SHA1
  
  b742f38e9cb742e058b85375d7ec42bc12d2fd06
- SHA256
  
  57246c8e89c54b7df951ecf6c020992345d179bdcff9b4d2f49605e0e797d46e
- SHA512
  
  70471e109a262559ca222a2ca14b053b10320c875d23a7cfc0f58d51f206202ad3b0f90514c3a7e574171c069d2a37bb2c824b012a8abddb0efbdb23f593d140
- SSDEEP
  
  768:P3UZ9Vc1/YKXtVy4Gg0oRLIX582xVNAsKZrUnMTpTlkxzIY/znznv1KoA9DGHNv7:mVc1Aj4Gg0oRLIq2xZKyMTpTyfpVMY4A
Score

3^/10
behavioral8
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/zh_CN.json
- Size
  
  116KB
- MD5
  
  b855f604a741168bd398aa50950cd1bc
- SHA1
  
  91db7eb21f78df3cde5a34218932eb8062714e14
- SHA256
  
  4f61acc06a7b4cda80dbe5de5d26d751ee93df62621de1c9b3f2cc2cea739aba
- SHA512
  
  8e7091b9a53e48a4ce0aea9fdfe669bcb5931cabd9115cd14c296b51821c9f2237dc137407dc3a4cc7f0329e72b9ea525393cbba3e7c563f83ea9f3153ac1725
- SSDEEP
  
  768:i/dZnzFdeGtFgfl45uYh6fiPP6crg8bmjFjNh:EzFdesF6yrg8bmjdf
Score

3^/10
behavioral9
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Language/zh_TW.json
- Size
  
  116KB
- MD5
  
  b400d9e1e249c714e072fa7af599b72a
- SHA1
  
  1f1cad30c01a14ac2b4be77143192ad94f8b9638
- SHA256
  
  afa19385ad7472966689cb82f0489e9e8d0358066c14a44c8e4406bdc04c1232
- SHA512
  
  3217e96912d220536e3e42cd00ede6972a3f8f7d1eb1b8e7f7b26e43f238ce3f5cf77dcb47bad30d7e0976325becceaf081e448af75af5fbf2ed138f5dddc29b
- SSDEEP
  
  768:X3e7EmDFxMTv1F4C+ieCdkZm85Z4CHNdq9jZec:ne7EUFqTv1F4dieAUtdq9jZ3
Score

3^/10
behavioral10
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/README.md
- Size
  
  630B
- MD5
  
  0ab789fcf941c731f17edb8285af19d4
- SHA1
  
  84ffac69ebb3b874dd340221ae47d9f85a2890df
- SHA256
  
  9b0dc9743d092e5ff0bda16d6630882ea527efad58dc6bfb99540078339b5985
- SHA512
  
  a59096cc1ca818f974e3d199d1d3a3ffe394d70c46140b25a944d58cea2029d721d216911ef49a96cd4663f3bad43ced577b0b6b8f3be50b809a7d49abcecc4e
Score

3^/10
behavioral11

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11