lumma | 1181cd065415775a2e20766fcadc5a4b911ffaf7e0ec2a2526fce9330783b990

Resubmissions

27/11/2024, 05:53

241127-gljresxlek 10

Sharing

Copy URL

Twitter E-mail

General

Target

fl.zip
Size

172.1MB
Sample

241127-gljresxlek
MD5

a0708a48eeabde5809b3e1cea195a1a2
SHA1

14f2912ce1c4c013ca24e728e582c6e36c123d01
SHA256

1181cd065415775a2e20766fcadc5a4b911ffaf7e0ec2a2526fce9330783b990
SHA512

8c5ff155e53f82d940c4969f8dd39a0f965561543a407408fc9af65bbbfc1ecb0244471d059e37cf29afe7b477c1a88b7b4dcddee74cc0ec49190853b654b1bb
SSDEEP

3145728:/HqaEU9Qv70Vo93mBOlRpDBIE/PcM7ocqIX9N9KHvi7MlU437cqIX9N9KHvi7MlP:ibU9Qj93mstDR764fIvi7Mlx4fIvi7Mt

Score

10^/10

Malware Config

Extracted

Family

lumma

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://husky-fish.cyou

Extracted

Family

lumma

https://husky-fish.cyou/api

Targets

- Target
  
  KeyFile/1033/sharedmanagementobjects_keyfile.dll
- Size
  
  23KB
- MD5
  
  5e54cb9759d1a9416f51ac1e759bbccf
- SHA1
  
  1a033a7aae7c294967b1baba0b1e6673d4eeefc6
- SHA256
  
  f7e5cae32e2ec2c35346954bfb0b7352f9a697c08586e52494a71ef00e40d948
- SHA512
  
  32dcca4432ec0d2a8ad35fe555f201fef828b2f467a2b95417b42ff5b5149aee39d626d244bc295dca8a00cd81ef33a20f9e681dd47eb6ee47932d5d8dd2c664
- SSDEEP
  
  384:84k5u5z7PVXPWNgWJwzzvhPapBjTeajCxnvZTawclHMrm:84Rz7diEzvGArnhax+m
Score

3^/10

discovery
behavioral1
- Target
  
  KeyFile/1033/sqlsysclrtypes_keyfile.dll
- Size
  
  23KB
- MD5
  
  5e54cb9759d1a9416f51ac1e759bbccf
- SHA1
  
  1a033a7aae7c294967b1baba0b1e6673d4eeefc6
- SHA256
  
  f7e5cae32e2ec2c35346954bfb0b7352f9a697c08586e52494a71ef00e40d948
- SHA512
  
  32dcca4432ec0d2a8ad35fe555f201fef828b2f467a2b95417b42ff5b5149aee39d626d244bc295dca8a00cd81ef33a20f9e681dd47eb6ee47932d5d8dd2c664
- SSDEEP
  
  384:84k5u5z7PVXPWNgWJwzzvhPapBjTeajCxnvZTawclHMrm:84Rz7diEzvGArnhax+m
Score

3^/10

discovery
behavioral2
- Target
  
  KeyFile/1049/sharedmanagementobjects_keyfile.dll
- Size
  
  23KB
- MD5
  
  5e54cb9759d1a9416f51ac1e759bbccf
- SHA1
  
  1a033a7aae7c294967b1baba0b1e6673d4eeefc6
- SHA256
  
  f7e5cae32e2ec2c35346954bfb0b7352f9a697c08586e52494a71ef00e40d948
- SHA512
  
  32dcca4432ec0d2a8ad35fe555f201fef828b2f467a2b95417b42ff5b5149aee39d626d244bc295dca8a00cd81ef33a20f9e681dd47eb6ee47932d5d8dd2c664
- SSDEEP
  
  384:84k5u5z7PVXPWNgWJwzzvhPapBjTeajCxnvZTawclHMrm:84Rz7diEzvGArnhax+m
Score

3^/10

discovery
behavioral3
- Target
  
  KeyFile/1049/sqlsysclrtypes_keyfile.dll
- Size
  
  23KB
- MD5
  
  5e54cb9759d1a9416f51ac1e759bbccf
- SHA1
  
  1a033a7aae7c294967b1baba0b1e6673d4eeefc6
- SHA256
  
  f7e5cae32e2ec2c35346954bfb0b7352f9a697c08586e52494a71ef00e40d948
- SHA512
  
  32dcca4432ec0d2a8ad35fe555f201fef828b2f467a2b95417b42ff5b5149aee39d626d244bc295dca8a00cd81ef33a20f9e681dd47eb6ee47932d5d8dd2c664
- SSDEEP
  
  384:84k5u5z7PVXPWNgWJwzzvhPapBjTeajCxnvZTawclHMrm:84Rz7diEzvGArnhax+m
Score

3^/10

discovery
behavioral4
- Target
  
  License Terms/150/LocalDB/Binn/Resources/SqlUserInstance.rll
- Size
  
  20KB
- MD5
  
  34a0d74588db4242b3166bcfe1c2cdd6
- SHA1
  
  19630f066153012c3f2c79cd02ea6dd08b5f512e
- SHA256
  
  89521c05d50625512ef53b3c11cded25cdee1d7dc63ff539c2ba8a58a6361e13
- SHA512
  
  883ea9084dbd82be0320f44a600393899877190535498d39d6be6095abd59caf6058a993876ece2449eae2814bfa5e0245c6fe0680f4e6c2b61bde6bfedc5638
- SSDEEP
  
  192:zvGPWFxxWOBWULwu0Sc2HnhWgN7ayvWYjKI+XqnajlFQuY:zvGPWFxxWO7D/HRN7/+ImlQuY
Score

1^/10
behavioral5
- Target
  
  License Terms/150/LocalDB/Binn/Resources/de-DE/SqlUserInstance.rll.mui
- Size
  
  22KB
- MD5
  
  b30fefc695f4444a893d567727b7520d
- SHA1
  
  7c30c0664a6d7bdf5b74d6db49880b0412902a33
- SHA256
  
  5c078a9b5ef063d10f5059a37d0dea80d44a5297cd273e779f8b0a53fdfb8cb7
- SHA512
  
  9e38cecf8b7866fda83a7c58982d8abf418cb67fd909e765727ea3e510713894a57426ce24de2c08e02dbee0b5736ef1623414704aa8952b04002ccde97ea338
- SSDEEP
  
  384:NXe7Jj8tgZO3l3tBNADygiKWwmhGWbD/HRN7uDR1lT2X:NLHBNcRuzDvu1qX
Score

1^/10
behavioral6
- Target
  
  License Terms/150/LocalDB/Binn/Resources/en-US/SqlUserInstance.rll.mui
- Size
  
  20KB
- MD5
  
  fc4f82a8de54ccb30de50d9981ac6839
- SHA1
  
  7dd0063fd84285759731dd19299dab8a01c752d9
- SHA256
  
  f98754389a248c07098a28aadd445863ab73273497803cde52cc90ec6cebb359
- SHA512
  
  df1eabadbe157d27bb7182619e5a0b0461414d3df04359c30ae809d185d55b997eaf32254151f9c427d4cee48d730eb4f7c9878e8f9849ad967b86d4d550977e
- SSDEEP
  
  384:0+wmn1FXuebMWyP545PWFtGWUD/HRN7N9R1lT7s7:8u3Yt8DvNL3
Score

1^/10
behavioral7
- Target
  
  License Terms/150/LocalDB/Binn/Resources/es-ES/SqlUserInstance.rll.mui
- Size
  
  22KB
- MD5
  
  553937b6919c99be1c01f2573e0ceedd
- SHA1
  
  064abc97a7c8b9ccca56688a853c2198bdb31d91
- SHA256
  
  f9874030171972d18f3dc0613e66033b94c380570a43bccbc3c4f196c94d4221
- SHA512
  
  99caa8b06ae1ce3ddba98de5d9630374afc58e4f45bdc816eaa20b193a0a675900a860b96fd0dfbf09d7003fcb5d31884627000244ab72134897a8430479203a
- SSDEEP
  
  384:mTuganLHNJ/EcTN0mq6uwfiq5oemXWfrGWtD/HRN7KImlQNv:9r1Dv5
Score

1^/10
behavioral8
- Target
  
  License Terms/150/LocalDB/Binn/Resources/fr-FR/SqlUserInstance.rll.mui
- Size
  
  24KB
- MD5
  
  de9f74d85d098faad2e6a474da74ed5c
- SHA1
  
  634c5df556356d4e28a6254e4151c9afa938e646
- SHA256
  
  60c405450b4a0dbad51709ae5c861d1294c4b086755fe3f9a8f27a6762ad3a27
- SHA512
  
  e9f2adf5c8c10e778b4892e3a4592df7ebd9d1ec67360b561a5f09f7ae7031d6d642372717afcd921ba543463b33584ea361ef75d24de2452518f791c5fd74f9
- SSDEEP
  
  768:BMLOOyP53fXPDjLlxFJAmLGtJh1Zwbj6pVDvSq:AFvSq
Score

1^/10
behavioral9
- Target
  
  License Terms/150/LocalDB/Binn/Resources/it-IT/SqlUserInstance.rll.mui
- Size
  
  22KB
- MD5
  
  2950c68d38391ab2c206e5ab231c0945
- SHA1
  
  d958eb015858ee43674768449e2de6ede58d756d
- SHA256
  
  f58eec9cece4bbb1abe97241cfcbbee35a6ceafcf8a39afba122693af13a42f3
- SHA512
  
  b1e1b034b6e350476f37cb2f2545186f34e49d4cf933447745142d3e18381b3c7ca311ddb5415c4e8a2ee9fddb45f4603ed98deed0a89658b16a57c00bcedc15
- SSDEEP
  
  384:+UrE1HsxSsSOr6q2NkBqRvVmhNW6uGWyD/HRN7wR1lTnc:mViuaDvIjc
Score

1^/10
behavioral10
- Target
  
  License Terms/150/LocalDB/Binn/Resources/ja-JP/SqlUserInstance.rll.mui
- Size
  
  17KB
- MD5
  
  74e96fd0f188ad2dd3f91f2bb4dc749e
- SHA1
  
  1a13ff7630023689ec9b04e509eca6da48e1e433
- SHA256
  
  16a6f34a270c3e78db03af615d4812ac4d7e1362899e21aa74c190cb85e4f3d0
- SHA512
  
  a21fe7a95fb72fbd3cc812aa10018eca8601eff9514b83f40630f1a7a6344a77fd64a8274cda70e6279445d374bde2f9c9d16d020e6186dac73d6d53b8f29e78
- SSDEEP
  
  192:xPnb5mkmZnPGfIKyCk0PY4WFtGWRWULwu0Sc2HnhWgN7ayvW1xmZdGP2qnajldG4:KPGf7koY4WFtGWLD/HRN733Llfbl
Score

1^/10
behavioral11
- Target
  
  License Terms/150/LocalDB/Binn/Resources/ko-KR/SqlUserInstance.rll.mui
- Size
  
  17KB
- MD5
  
  ba2e9ac880f22762db631e4f183d9d25
- SHA1
  
  149b6440aa6005da3241b2520b555e0060fd18fd
- SHA256
  
  626cc8832025d12f8cb79e11ecde52ad499053e2e7c9abaf785de5c7f5cc1ab6
- SHA512
  
  0ee9016a31f0da0c645327bf2e691dbc3a4932e8f22416c8ba440a9ddb6d33c497476a0c4349837f386e3d11e57af23225d000f00fe9d0384cf459acd419757d
- SSDEEP
  
  384:XVVcMFwHY4okRv8HYq33cF0WstGWUD/HRN7SmgR1lTC3:eYntMDvSTm3
Score

1^/10
behavioral12
- Target
  
  License Terms/150/LocalDB/Binn/Resources/pt-BR/SqlUserInstance.rll.mui
- Size
  
  21KB
- MD5
  
  f89385dcd27c93b16915dcb29dbd5702
- SHA1
  
  9fe13a9593a5ec8a5f1ac1ee68e81c16a79f2708
- SHA256
  
  658bf89a45bd5172c2ee761aede87798d5a3610fcec29a1150287b6977b5c186
- SHA512
  
  065eec8d5f50901ebde3097fb79acaa8c6ed34a9613df6a3a3041f2af1b0b11cca2dbae10f4d3684dcc2cd6b0b1f9a14caa90032d5a080811d0f54b27888d47f
- SSDEEP
  
  384:7WvWvW0W+WaWyWRWhWvWV5WNWpWK/WfWXwLWWW/9WWlWQWmWnWPaW9WgW1W/aWrn:LxwWJuCDvgU
Score

1^/10
behavioral13
- Target
  
  License Terms/150/LocalDB/Binn/Resources/ru-RU/SqlUserInstance.rll.mui
- Size
  
  21KB
- MD5
  
  951e8bedf4aa6a878e98206d88b6d0e8
- SHA1
  
  c43a4ab970d0feafe28022ff3c3817d0dffe39b3
- SHA256
  
  0c9f35b1a60054e5455201ede66f021d5b4ede92d0ba2add88cfbc910c632691
- SHA512
  
  f728eb9c2e3bacfc7b693d28171e73e5c6440e1b81dcbf80a3a6fd6b9ccd99d1181fddbe611a8f65c81b55ab499193ca1726342520d0a10e753a8dcdc489253c
- SSDEEP
  
  192:mXNamfu34jsmRttCzdkzscVEvPAGWEqWULwu0Sc2HnhWgN7aQWDbCJky1qnajvH:mXc0scKoGWEcD/HRN7nR1lTH
Score

1^/10
behavioral14
- Target
  
  License Terms/150/LocalDB/Binn/Resources/zh-CN/SqlUserInstance.rll.mui
- Size
  
  15KB
- MD5
  
  fc5831d92a79c879d6da3a30351ebe24
- SHA1
  
  758cad15e0952ba32690d0743a785622da63ca67
- SHA256
  
  2f8ba9e830fb7937f34a1278525df941b684d453134a676f21c358b127070859
- SHA512
  
  1d30a30b6db5bb743caa5f756a179611e63f2abcba240f6b6ff6200e98de3268db26134c0cbee49bcb5f7fc376e041bf8616466ee079c90a4b03bbc2a8a9f4aa
- SSDEEP
  
  192:F/kfKz4FP3gsz8YWF2GWzWULwu0Sc2HnhWgN7aQWozRCJky1qnajvhgux:nqAYWF2GWxD/HRN7JzgR1lThgu
Score

1^/10
behavioral15
- Target
  
  License Terms/150/LocalDB/Binn/Resources/zh-TW/SqlUserInstance.rll.mui
- Size
  
  15KB
- MD5
  
  13142c39ab174fd96e34e90cb11faac5
- SHA1
  
  647ca5d03a506eab70c1ec5d2df5fb5c58616124
- SHA256
  
  53628cdc01c218e796e700033944e3acd9c9e2e098509493e98aaeaadfccfb89
- SHA512
  
  4feabcde64c219817c79e6a7f889d3778a1eab557cc09fb1ec2d1df89a845d120d67c861cb9e9b6b840f369d9b8a60f3e373dbb1012690cf58c5d53f6daa2645
- SSDEEP
  
  192:5EzY7R66aU1KUZtwTWiAGWSWULwu0Sc2HnhWgN7ayvWZJHI+XqnajlFQXW:5HF66n1LwTWiAGWED/HRN70JHImlQXW
Score

1^/10
behavioral16
- Target
  
  License Terms/150/LocalDB/Binn/SqlUserInstance.dll
- Size
  
  168KB
- MD5
  
  26f2ffe2b77e18f02ad44dfe0976c084
- SHA1
  
  5c53aeb7558e3ffcaa0fdae00575e65fdaa32e17
- SHA256
  
  ec41019a6ae2874e75d5856e845eb42b2ada2e738467b11e44868061f552c617
- SHA512
  
  867db4e9f92cfcee9d36fe404a972880dc72748d45747a2e5afdd8ba5d98a1cdf2f3476f4e3b1b79b0d1173942ef28656bc1e08640c4d6a68043d6202b13daea
- SSDEEP
  
  3072:gGhuUCVJUiOQIlJYSz4c/iOH5HgDFJhhsn6/8dTdrOWH6WtEHRRHwNdE4AAfJ15X:9QUXiObliSz4c/zZgDFJhhsn6/8xdOW5
Score

3^/10

discovery
behavioral17
- Target
  
  License Terms/150/Shared/xe.dll
- Size
  
  616KB
- MD5
  
  9abbdab424f66a7f4c395fd8759cef0e
- SHA1
  
  d08a1fe1ab2eb09827f26fe493994e8f064c74c8
- SHA256
  
  f724575de0ea9ec3cc15a1f10d6a936ef2ec6dd3790d0d1c39dfc1f9d31aece4
- SHA512
  
  2583f01afd894330c1e98a57327df14605b19c4baa06beba9f42bb63a0831f669bf495fc91c16041cd882169434a568b09fffa2d5f56edbd2b36fbb6a8ae5ef8
- SSDEEP
  
  6144:atkUO5IjISRbo5x88oTPVXU+u/o6XPLFlDxzqKoAMl2FrbyOHgNf1UfD2t2BgCcJ:ukU3IBC823SLMkFrzgx1Uyt2mL0eUW
Score

3^/10

discovery
behavioral18
- Target
  
  License Terms/SqlUserInstance.dll
- Size
  
  150KB
- MD5
  
  423671a408eedd5e51f4d4f6a3de4589
- SHA1
  
  7a96a2c6e2381e78bdd152e3caef75146460f488
- SHA256
  
  b62fab3be134e7765720c0eb579be5a65ae719771b1e39c14ac39958d554b90e
- SHA512
  
  4e9aa8c9ff248d4ec86d79b8515dbe51fa30aa5b28124a2c1872270c30e7887c1d49c573116237f393c29ef431b97110212fdac9d3a27134b6effdc5d373c11c
- SSDEEP
  
  3072:bm07GntHw9i1pCiY/cYCuyaBeipTCl/0YgPjGWuwLWW1cQFaNWpVfxTdv7OH3UCb:k9Y/cpascTg/0YgPjGWuwSW1cQae5TdS
Score

3^/10

discovery
behavioral19
- Target
  
  Set-up.exe
- Size
  
  878.5MB
- MD5
  
  2a27eac169bb1bb7a532aa6657827376
- SHA1
  
  2665bea649de4a227d85d64e77014a297082c85d
- SHA256
  
  cf07d60fd0f7a92d411091a4f3af1f87beb6877162cf73eb94ee6d6230ab5e8d
- SHA512
  
  81d2879fd4d1da2a224adfdd9d687d5993757997381f7028ab638623499864be72285e3bdd21559a87cbd4650e2d3706f5f2fafc29e1a4e803f2b1c74ea0d098
- SSDEEP
  
  393216:YNsJeLiXMLAib+w59R07kT2enZ9G32ageFAnxBk+:Ks+iXEne327e4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral20
- Target
  
  Updates/80/COM/sqlvdi.dll
- Size
  
  200KB
- MD5
  
  5fca59a96ad276ee95bc6ab297c3b374
- SHA1
  
  08cf8d5ddf77fb7b51e210a316b5f89b81acb514
- SHA256
  
  19e4a2a8676a9f4a488d67f1f7e44bf8a013f0ab5c51d7a0d4911e4b2300e2d6
- SHA512
  
  83dffee067f9b6e5349e3b3f4db469ff9e44028e1ccfbcea8b89d2ee3946b75c31aff4a2f04058e22cbf7afe663f650a105c14e1dd9ee096d4d026da0023ff56
- SSDEEP
  
  3072:bXA0f7V8M5uGcdTbdfQC2mCpCJ4bvu76gAOD05hoTl1wrcGBxG2fOXEOGS8:bXA0fBrcdTb03WhJYkGxGaJlS8
Score

3^/10

discovery
behavioral21
- Target
  
  Updates/80/Tools/Binn/sqlvdi.dll
- Size
  
  200KB
- MD5
  
  5fca59a96ad276ee95bc6ab297c3b374
- SHA1
  
  08cf8d5ddf77fb7b51e210a316b5f89b81acb514
- SHA256
  
  19e4a2a8676a9f4a488d67f1f7e44bf8a013f0ab5c51d7a0d4911e4b2300e2d6
- SHA512
  
  83dffee067f9b6e5349e3b3f4db469ff9e44028e1ccfbcea8b89d2ee3946b75c31aff4a2f04058e22cbf7afe663f650a105c14e1dd9ee096d4d026da0023ff56
- SSDEEP
  
  3072:bXA0f7V8M5uGcdTbdfQC2mCpCJ4bvu76gAOD05hoTl1wrcGBxG2fOXEOGS8:bXA0fBrcdTb03WhJYkGxGaJlS8
Score

3^/10

discovery
behavioral22
- Target
  
  Updates/90/Shared/Resources/1028/License_SysClrTypes.rtf
- Size
  
  124KB
- MD5
  
  af75df6971c1d09d31549698c1917eb2
- SHA1
  
  737b7c496498eb83cd13433861425b3c58c14f4c
- SHA256
  
  0cb71395534f598d40d12d80d0b1818b2715434a93cc2e4e63bb070aa20c0377
- SHA512
  
  ebcd8004fed3277769e559d5cfd61cda4909f7c4a78c092959432f6435d094300ab3fd422e1453cdcc8f0b0446b52b65bf8520b0dbb185aaf4d996979ebb3837
- SSDEEP
  
  3072:1w4J95k2o5XG0iRyXDlaO2ikE0Nud7T3LZqrJjrJoK2Z8e1UG:hJ9K2o5XRiRyTlaO2ik9Nud7T3LZqrJ6
Score

1^/10
behavioral23
- Target
  
  Updates/90/Shared/Resources/1031/License_SysClrTypes.rtf
- Size
  
  94KB
- MD5
  
  7bb97c6c5b3fa858710b17b0d75a28b4
- SHA1
  
  b29627a4340a757df129f4098f9c31cbefb521a5
- SHA256
  
  08cd68d8f45c4666f45766b228234a0f79aba1f0a7831fa1a57a68aa8e38109d
- SHA512
  
  968042727ab9e94f79a63093376e98c15e46ef45f38e148cf9ea7dba3980fa8a2cdc682697a274b2ec8b7f7d698fb8ce589b2426336deef85d0a54e4759184c7
- SSDEEP
  
  768:lc4YqWmrDcJiILpro6Qg/rHot6qB/nkQWvY7Ggsb3W3CB8yYGTBOrrw9Cgsb32P4:lcwiIqJ5gZd/
Score

1^/10
behavioral24
- Target
  
  Updates/90/Shared/Resources/1033/License_SysClrTypes.rtf
- Size
  
  93KB
- MD5
  
  f6f55d4cf917c04a43f9bea86576df63
- SHA1
  
  d735f5fce0fc69fbb823854c1d7e32d06b4f45d8
- SHA256
  
  d45b2eb44417e9bdd800bf0db90c88725540723140a448fb89742a62ca264266
- SHA512
  
  f9a8e64a08e1590842484348be8706d65e2af32af600529fc34768f76b0ff9b22a41a694dd861f96cfbbb6cf300bb3607025a63e1787eb382431fc26a10f1c99
- SSDEEP
  
  768:lLvkQNejs/ZsZfwiiQmskXPl+JksDj1uzIFQjEo3G7KfPsO6f4rNqel8Ssnv0NVm:lLMFWfLoN9JTw8OmOWQj635dL
Score

1^/10
behavioral25
- Target
  
  Updates/90/Shared/Resources/1036/License_SysClrTypes.rtf
- Size
  
  97KB
- MD5
  
  dea508f34e9bf89b057baf32210ba022
- SHA1
  
  79c02749b69d0d20c156003687aca0d3de7e164b
- SHA256
  
  fa92a28407f529b6223912524e576f4e9a150fbb5e9edb8b69333af8ba29819d
- SHA512
  
  5204aed92dc4995db83f523dd7f0556b99b9a8322e85d9f4ccbb827776ed5e3422425bdd4836ce9984bc1788788b22fcc4809dfb8aa3b1a95956fcb4273ba8fc
- SSDEEP
  
  768:lEvITfvFTK9YC1PnGamsdtCBNzHQah0zmvY7Ggsb383CB8yYGTBH9vY7Ggsb32FB:lEwPwFnpGNP9yUpczSHzhs5FdD
Score

1^/10
behavioral26
- Target
  
  Updates/90/Shared/Resources/1040/License_SysClrTypes.rtf
- Size
  
  93KB
- MD5
  
  d1b4838eacce113758c2b62c239ba8a6
- SHA1
  
  a3f961de8a40fc4ba065bf4afc8d3845b2f6b9ef
- SHA256
  
  7a6abd6464105179622ec76d9d20ab892d35c14866cf23dec3175ed6427504d9
- SHA512
  
  1810d30571012ba9411e983d65904653fdf49fd14cfebffb7a4cffa6b07547f449887ab1df4b0341e7d2102ea1ded77b272ed2012241e870ba8c6144ab2bb54f
- SSDEEP
  
  768:lgYsOeqbj0duoDN3AmQoHTjUhmqFDPq2WvY7Ggsb3k3CB8yYGTBOrrw9Cgsb325u:lgM2ocN2yydtlc5ds
Score

1^/10
behavioral27
- Target
  
  Updates/90/Shared/Resources/1041/License_SysClrTypes.rtf
- Size
  
  146KB
- MD5
  
  b434e82c320fb18cfd61e6bae77538ac
- SHA1
  
  f4f0010960f743679b6d05b045ea6719aa6f4300
- SHA256
  
  a0d6afe63e1000a16e9851e56e8280b314c438059c34024908f63a1c4c2f25ed
- SHA512
  
  e4674c44f3ae3cdee238a4fdc33650db08eb8119346d8236ea9130d53ba4da28701499a3610c03a3918d83bac18c5872f28c8c8818a4f877c1097e3b1f196dd3
- SSDEEP
  
  768:1oaLTZQhcJpkp7qpElp5PAzl+bP6NAAsw+3HC74CbE0/s0w7yRBgf/piyjZCoQb/:1o6GL4E1qLmGTgq6XxUisxwo
Score

1^/10
behavioral28
- Target
  
  Updates/90/Shared/Resources/1042/License_SysClrTypes.rtf
- Size
  
  364KB
- MD5
  
  edd85e0543d4d7e0bc700cf5160f0820
- SHA1
  
  c9fa3b524006b899321068b260ececeb66a72d95
- SHA256
  
  dfac806cec5029a47b2012857c2a685904d9b983ce61b0ea6db8b12dace3a442
- SHA512
  
  9e1bc849dcb324af0e8cac92c79e8f9cbdf5a642ab5c93f409fe69575d3fb188b61706a7dafd0ff6563eff1d009ac591a22058b73c173c64972f4b9af7b8644a
- SSDEEP
  
  1536:dnXzJsZl4j6+6mAlmhgNyqSrzwPBKuKEZdp:dXzwj
Score

1^/10
behavioral29
- Target
  
  Updates/90/Shared/Resources/1046/License_SysClrTypes.rtf
- Size
  
  94KB
- MD5
  
  31788ccd56b1774ca3c442cda344cf71
- SHA1
  
  c4218b65f763bc72055711ddf5e078448fd1eb6f
- SHA256
  
  4dd36cefc1fb62c1813ca457a8b9d1d92d8fb773af088b38cdbb8b015b751841
- SHA512
  
  4e56b5c6effe62ecfc4db9486515af6feca4bd3f660ddb3149b2d1fa6195620ac05cdf4dc172bcdfe2787369b917ae7c3b22c690f2f3c54ef6f759d8dbeca75c
- SSDEEP
  
  768:lXfmBwpqzMfpMV/g+KAS803P1aFUMXBb60WvY7Ggsb3g3CB8yYGTBOrrw9Cgsb3F:lX4VuLUArzUTwoTLdv
Score

1^/10
behavioral30
- Target
  
  Updates/ODBC/update.dll
- Size
  
  54.0MB
- MD5
  
  b7d281ba860f7507be10288a54de8fe3
- SHA1
  
  ba0c627626c46a7d77f440a1c660ab2d323ac04c
- SHA256
  
  575ad04aad19034af4862fcaa8991fdc3a87d07d2d136787e1c84c2f8bcb4532
- SHA512
  
  c630ffaa6ac4dc13a9972c7283752e5378d6a1de08c6ddcf6c5f2b5c131b49e65d1e77e5f4ed4e36dd458b7985b3a8b0326c80590f7616c1584813afe60f6570
- SSDEEP
  
  1572864:trw54t15f1zvHhV4lPIAReq1mjmheq0IxQ:xMK15NBeHRx1mjmImQ
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral31
- Target
  
  driver-x64.dll
- Size
  
  42.3MB
- MD5
  
  a80358074cd82f92ffd7ea48c9ed9804
- SHA1
  
  f46c3b0fd3cd2ecd1373f00a23213e3f8dcc80ab
- SHA256
  
  1c2fc56c21981dc35350bc7d8f3a734b737e4454ef7f1302382fff00045aed86
- SHA512
  
  f9a4e9527932011b62b0ff5852afdf69d2f86c9e64d0c761f0935005da51a23a626a10a8eff7e29bdbcc2711f6345fed12f708215f2687459fa5e3e9763ce00a
- SSDEEP
  
  786432:1DSIbLKlthJD4YWxH5f13kwvH82V+b7eNcX/I4SmRehSuzdi1mq67PUEA1h2:trw54t15f1zvHhV4lPIAReq1mjmh2
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

Drops file in Drivers directory

Manipulates Digital Signatures

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32