lumma | 1b175d4ebb42ce316f2cfd00719ed74af50b59aa4e5efd6667d89295e4817ae2 | Triage

Sharing

General

Target

infected.zip
Size

128.3MB
Sample

241228-wrcmmaznet
MD5

0436cdb5fe944a36e37ef4e493460c2b
SHA1

d778fdaae0c8e2533695a01ab27636bd98e5c876
SHA256

1b175d4ebb42ce316f2cfd00719ed74af50b59aa4e5efd6667d89295e4817ae2
SHA512

71b7a53ca1953de545f046dd280d3c05b82e66fe123feed3f3484a419082275926b9adcf4a9339c3c05b00877f037053b371617d9064177823d8f9fda62488e7
SSDEEP

3145728:fWBI7I4XljXTkzurmMb/DfA3ZE5B/HWayjU1ARM7anZ+l3YRbW+kY:fmGIwljX9Prc8Bxju+loRK+l

Score

10^/10

lumma modiloader discovery stealer trojan

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  Se-up.exe
- Size
  
  662.6MB
- MD5
  
  4a57a9bfb36258b3457313cab05f3db3
- SHA1
  
  95d2cfd3bab5eea5345686b5eed7de3e2838bd61
- SHA256
  
  693c060baff455566dc6f0ecbfdccab2cbabbe092e52e3a90f3e16fa6e944692
- SHA512
  
  7880eda53e374818c77a7a90abcc68e14f08138d51ab4643b7085a07cf84dc221ac900ff5e14d09e9dfb847d95f75bfdfb1f5053f0427b30f46a63d0f0a93ad9
- SSDEEP
  
  49152:pjgyGD6BzaNQPHyh4YA+TNj+hrbpwj+hrbpO7oBke:pjFXzaNVHj+hrbpwj+hrbpkoB
Score

10^/10

lumma modiloader discovery stealer trojan
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader First Stage
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummamodiloaderdiscoverystealertrojan

behavioral2

lummamodiloaderdiscoverystealertrojan