lumma | 807fafaedb2c596c8e7002b8487c838234ea385ad6f9e54484c7bd490bc2cf54 | Triage

Sharing

General

Target

807fafaedb2c596c8e7002b8487c838234ea385ad6f9e54484c7bd490bc2cf54.zip
Size

14.5MB
Sample

241230-f7lmgazlgj
MD5

a8736c1c9e0494b3d6b487ccc853da9d
SHA1

50a8dd69f42536573e279364e8a857f53fc47072
SHA256

807fafaedb2c596c8e7002b8487c838234ea385ad6f9e54484c7bd490bc2cf54
SHA512

c3722e7ea26435e247f6fe449b80f4c1c6b0d5773a20c9b67b1a2ae315ddad1d0f9fef015716e7b6d4852b30d3f2b63d1eba49f1bf46ac420a9dc2c17ce7c350
SSDEEP

393216:wiFA4v5dd/JZKwGgwFdN2DcAuW7jopplWzuAZYthjY:RPv1TKwBUdkD/uW7spplDAZQhjY

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  ExL4unch3/Data/Updater.ex
- Size
  
  414KB
- MD5
  
  a341d9bfaae6a784cb9e2ea49c183fb4
- SHA1
  
  d061c12dffa6a725f649dae49c99f157e93bb175
- SHA256
  
  52416bb8275988aa5145be6359b6c6a92e3c20817544682c2c1978b50ff2052c
- SHA512
  
  9dff4ba2abf889c9f9e71da1f91abdde1742a542b53e8c289e011113e1bcb86d4b1aaf5e7aadf97aa5ed36ab50227295e27ce700d30524f7198fd8f3928c36a2
- SSDEEP
  
  3072:bebeJQsqiaJnFdHfQoB9bls1YxRz5QZ1y+ymaQfA30KQBhYJXv4M4Mz07ROZH1pH:jh+nf4+tG/vyohq4M4M4gl7T
Score

1^/10
behavioral1 behavioral2
- Target
  
  ExL4unch3/Exlauc@cher_v1.26.exe
- Size
  
  678.4MB
- MD5
  
  f2b9cb57956201fe121fc0569ffdbf53
- SHA1
  
  ca8e7f1b943b72e0d4c9317b42c238bb23f3d21b
- SHA256
  
  e7ca2d8a2ad96b4f44a1983028c054953d25f530bb71fce697bbae956f4e2a0e
- SHA512
  
  569916e2896d59fb23058d28011fa8da4e3ea6880299e155b28c916d270bacbcafdd2abf695ef8318d9319d3eaaec9ffa07153630a5c7d8534d3a979edbfeb30
- SSDEEP
  
  196608:qFd65BgHEPB3THqMLVZyH+JktSK6KONQW0swoN:qj65BgHEp3THOeXpNQwwoN
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral3 behavioral4
- Target
  
  ExL4unch3/NAudio.dll
- Size
  
  507KB
- MD5
  
  65839a5c28a0dee380c4eba54e2d941f
- SHA1
  
  ac609ea7f86fe533820b801cfe40b22f8a7a3f1b
- SHA256
  
  c7a4c035d89716b027f69c2cc98eaf5c44fb15b08c2ea162d793466356a35a2a
- SHA512
  
  e6853ff5d10d11b5333f0697dcb660a042ebeae12eebc84427d0b9f896cf100258e7e6d18f531aae700c0f476f91f11da0272e7809728df68da80ee560136aeb
- SSDEEP
  
  12288:rnXnae2TPlr3zvzar5oRDaw92wP6mai9gs6CU:78lrT+r5ADakP4i9gsc
Score

1^/10
behavioral5 behavioral6
- Target
  
  ExL4unch3/RcClientBase.dll
- Size
  
  29KB
- MD5
  
  f0739e1db958fde4dc6bab9d75865191
- SHA1
  
  fedadbf79b594995e6c44108d6b25cdbbf05eb65
- SHA256
  
  27faac58c4edc8fb147c9947fc9567afd2f785b11252c2963788fd0f64f7ca42
- SHA512
  
  adbf2a0b42c6043ee5c984c02fcc8815b143117fa2ee0286b048f9e90d695f74f0129240e1de36dea2915f1e3d31359953095e6e5497337d01f0004d443aad10
- SSDEEP
  
  384:37VPSe+T3KkTRIjjzi3WbR1zQnSyGUvXU7Ex3dVOSRZYNyb8E9VF6IYinAM+oaua:37VPSFTamMRbzCfzZQEpYinAMxJH4
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  ExL4unch3/UpdateClient.dll
- Size
  
  64KB
- MD5
  
  760f24f0150a6e8dc15ac793c3172387
- SHA1
  
  920d5aafb4b460efc37b99564bd281e63c7eb647
- SHA256
  
  e113f8593244c1bb5bcc73fef0f93303c783714162cbd9ef93ddff5709c037ce
- SHA512
  
  e5251075164f9cdb154b0b5bf7b775c9720b0744d004b68ce6501a980342f45398505bc26f7cca982bd23a03609b3c78510a5778a93041e7614e17b369a7209f
- SSDEEP
  
  1536:DyvHa8En7WFlzobIrmKD8owRaggg5TIcO3YDmj7Hx4:DyvHa8EnKFqKD8aK0jj6
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ExL4unch3/UpdateCommon.dll
- Size
  
  143KB
- MD5
  
  985f25c1d3144f37f046bc8f3e2b0c83
- SHA1
  
  c0b551c51317891d8220ab5a634c15acf8223e88
- SHA256
  
  3f71fa4c64376e85486b22de926f61c3e3cde3de6c1d484e041f265534ccd623
- SHA512
  
  b0db2c878948922243cc80ab015a954b11c5e08fce7dbe767722bc5082b150f277690acf9da1c657837e7a66059cafa7ba76c3695bba51b44467979f5a9c053b
- SSDEEP
  
  3072:8zWwFkpFMOKq9hC3ZWU+Oq1hZ+fVztxQ0rzc0to734o:s/zq9huqrZ+dbQIz1o
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  ExL4unch3/config.prx
- Size
  
  364KB
- MD5
  
  14934caca84d5fe0288f27efb31dcbf8
- SHA1
  
  98c8c659488a5782679112e0ffb089422a664ac5
- SHA256
  
  7fa86147035627bae39576bcbe619d045e94a48c4db8ca131968c20bb4de4a36
- SHA512
  
  9a239132a46fe578fa04ff727d8c28f9e1d179e7154619670a22a403819f337af0a96ebd7081d04d53910a12bbdc548b3cd2b2a285931c92f1c149ad5d846a6a
- SSDEEP
  
  3072:rbT9vTZFNSlIbVf7o3Cyi7igb/Js0S6uZZspiDbZHNjWOnNxFiKey1ISQlXflY:fRvNvvbhOq7F3S/qpiDlNCONvmXdY
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ExL4unch3/opengl64.dll
- Size
  
  17.7MB
- MD5
  
  0a84667145e7efef026c888d4b768126
- SHA1
  
  27673e1bd7c55bba6eaa37620d3b3820ce45d46a
- SHA256
  
  dd575f3c64382193610815909bd2c52490244ecbbb9bba6eef5fe4f0bb43bb4d
- SHA512
  
  3e964c996ed358787c4dfdb965a00b38b4118c804ae1bf8d32aeb7d936584e72c188e3fa0d27d1c2ffd3be13dca8045b08b28b15070812c195d82d1bf23a2604
- SSDEEP
  
  393216:PXhbUNnoBP98OQ//aXUszfTBHCOUZ2UenCDkOH2:PXhNB4nlW
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16