lumma | 2117b202be817e3bb30fb954f13c357b0bcb156f9af7ef05e25e8d43e029a229 | Triage

Sharing

General

Target

2117b202be817e3bb30fb954f13c357b0bcb156f9af7ef05e25e8d43e029a229.zip
Size

12.3MB
Sample

241230-f7dxmazlcr
MD5

b475b494ce1e765c290af30c5dbc2fe9
SHA1

5adf1c36edae1d196858b9147fc4d7c7d6a1b6d7
SHA256

2117b202be817e3bb30fb954f13c357b0bcb156f9af7ef05e25e8d43e029a229
SHA512

d0fbb82966f80149f02c7eeac29732a59ccac9f1aca38ed20898b18af74feb13872addd1c7136ed5c72477ea5da35da775f734804f43e1ffa7073c64ec693fb9
SSDEEP

393216:q+cdWfknjlgcExCAbG92tu3BvzpiBYJFsRK:dlfvG2tKrcUFsA

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  ExLaunche3/Data/Updater.ex
- Size
  
  414KB
- MD5
  
  a341d9bfaae6a784cb9e2ea49c183fb4
- SHA1
  
  d061c12dffa6a725f649dae49c99f157e93bb175
- SHA256
  
  52416bb8275988aa5145be6359b6c6a92e3c20817544682c2c1978b50ff2052c
- SHA512
  
  9dff4ba2abf889c9f9e71da1f91abdde1742a542b53e8c289e011113e1bcb86d4b1aaf5e7aadf97aa5ed36ab50227295e27ce700d30524f7198fd8f3928c36a2
- SSDEEP
  
  3072:bebeJQsqiaJnFdHfQoB9bls1YxRz5QZ1y+ymaQfA30KQBhYJXv4M4Mz07ROZH1pH:jh+nf4+tG/vyohq4M4M4gl7T
Score

1^/10
behavioral1 behavioral2
- Target
  
  ExLaunche3/Exlauncher_ab2setup4.exe
- Size
  
  675.7MB
- MD5
  
  98e013762e0a42748bb21a0ae17a6cd7
- SHA1
  
  fd99016119bb0568575318c02a30081ee0fc45cb
- SHA256
  
  30525ea105d0bb95f42158ecaa85c270bc95d649b0873c840ba0c620549f857f
- SHA512
  
  cd16e6daed4c1328f660c28dc02cd0ce72c3e0bc59086b587926bae7dea8c5d201a0358e9078db073e5a9b189b9e8a666a1aebeea09b712904c532ce7e15df39
- SSDEEP
  
  98304:OmHHYbZh5FWc0ZRYg46d0A+ITi+J+PPqqgCziC5QnqBNuG43XbbYTtWmp68cI:O+YrWceRYB6d0A+uwnqqgCB0X3Xbb/LI
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral3 behavioral4
- Target
  
  ExLaunche3/NAudio.dll
- Size
  
  507KB
- MD5
  
  65839a5c28a0dee380c4eba54e2d941f
- SHA1
  
  ac609ea7f86fe533820b801cfe40b22f8a7a3f1b
- SHA256
  
  c7a4c035d89716b027f69c2cc98eaf5c44fb15b08c2ea162d793466356a35a2a
- SHA512
  
  e6853ff5d10d11b5333f0697dcb660a042ebeae12eebc84427d0b9f896cf100258e7e6d18f531aae700c0f476f91f11da0272e7809728df68da80ee560136aeb
- SSDEEP
  
  12288:rnXnae2TPlr3zvzar5oRDaw92wP6mai9gs6CU:78lrT+r5ADakP4i9gsc
Score

1^/10
behavioral5 behavioral6
- Target
  
  ExLaunche3/RcClientBase.dll
- Size
  
  29KB
- MD5
  
  f0739e1db958fde4dc6bab9d75865191
- SHA1
  
  fedadbf79b594995e6c44108d6b25cdbbf05eb65
- SHA256
  
  27faac58c4edc8fb147c9947fc9567afd2f785b11252c2963788fd0f64f7ca42
- SHA512
  
  adbf2a0b42c6043ee5c984c02fcc8815b143117fa2ee0286b048f9e90d695f74f0129240e1de36dea2915f1e3d31359953095e6e5497337d01f0004d443aad10
- SSDEEP
  
  384:37VPSe+T3KkTRIjjzi3WbR1zQnSyGUvXU7Ex3dVOSRZYNyb8E9VF6IYinAM+oaua:37VPSFTamMRbzCfzZQEpYinAMxJH4
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  ExLaunche3/UpdateClient.dll
- Size
  
  64KB
- MD5
  
  760f24f0150a6e8dc15ac793c3172387
- SHA1
  
  920d5aafb4b460efc37b99564bd281e63c7eb647
- SHA256
  
  e113f8593244c1bb5bcc73fef0f93303c783714162cbd9ef93ddff5709c037ce
- SHA512
  
  e5251075164f9cdb154b0b5bf7b775c9720b0744d004b68ce6501a980342f45398505bc26f7cca982bd23a03609b3c78510a5778a93041e7614e17b369a7209f
- SSDEEP
  
  1536:DyvHa8En7WFlzobIrmKD8owRaggg5TIcO3YDmj7Hx4:DyvHa8EnKFqKD8aK0jj6
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ExLaunche3/UpdateCommon.dll
- Size
  
  143KB
- MD5
  
  985f25c1d3144f37f046bc8f3e2b0c83
- SHA1
  
  c0b551c51317891d8220ab5a634c15acf8223e88
- SHA256
  
  3f71fa4c64376e85486b22de926f61c3e3cde3de6c1d484e041f265534ccd623
- SHA512
  
  b0db2c878948922243cc80ab015a954b11c5e08fce7dbe767722bc5082b150f277690acf9da1c657837e7a66059cafa7ba76c3695bba51b44467979f5a9c053b
- SSDEEP
  
  3072:8zWwFkpFMOKq9hC3ZWU+Oq1hZ+fVztxQ0rzc0to734o:s/zq9huqrZ+dbQIz1o
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  ExLaunche3/config.prx
- Size
  
  364KB
- MD5
  
  14934caca84d5fe0288f27efb31dcbf8
- SHA1
  
  98c8c659488a5782679112e0ffb089422a664ac5
- SHA256
  
  7fa86147035627bae39576bcbe619d045e94a48c4db8ca131968c20bb4de4a36
- SHA512
  
  9a239132a46fe578fa04ff727d8c28f9e1d179e7154619670a22a403819f337af0a96ebd7081d04d53910a12bbdc548b3cd2b2a285931c92f1c149ad5d846a6a
- SSDEEP
  
  3072:rbT9vTZFNSlIbVf7o3Cyi7igb/Js0S6uZZspiDbZHNjWOnNxFiKey1ISQlXflY:fRvNvvbhOq7F3S/qpiDlNCONvmXdY
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ExLaunche3/opengl64.dll
- Size
  
  17.7MB
- MD5
  
  0a84667145e7efef026c888d4b768126
- SHA1
  
  27673e1bd7c55bba6eaa37620d3b3820ce45d46a
- SHA256
  
  dd575f3c64382193610815909bd2c52490244ecbbb9bba6eef5fe4f0bb43bb4d
- SHA512
  
  3e964c996ed358787c4dfdb965a00b38b4118c804ae1bf8d32aeb7d936584e72c188e3fa0d27d1c2ffd3be13dca8045b08b28b15070812c195d82d1bf23a2604
- SSDEEP
  
  393216:PXhbUNnoBP98OQ//aXUszfTBHCOUZ2UenCDkOH2:PXhNB4nlW
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16