lumma | 45df7a132aacab47cf53bac72af67a3d4e8b30b580d6ff0bdc634d218a4f1705

Resubmissions

02-01-2025 17:34

250102-v5sqbszkfs 10

02-01-2025 16:45

250102-t9rhds1nhp 10

Sharing

Copy URL

Twitter E-mail

General

Target

Lаunсher.rar
Size

81.2MB
Sample

250102-v5sqbszkfs
MD5

1ba68c84d49af718d24afd598b9b5580
SHA1

a767cb06aa10ccf0671ec119b5489464a9db3f91
SHA256

45df7a132aacab47cf53bac72af67a3d4e8b30b580d6ff0bdc634d218a4f1705
SHA512

4f8f6800b4d601c799693aeeef2062093bf4170eabc9dc543c0bfdd23641d1cd51dac6d7f9845f2ac1bc87da386ab1010c4097b129da0bc2ec41db0196d5e160
SSDEEP

1572864:4TshfI34puSAaXcKN3LLBHVqlZMz0jOunLQ0ra3j0NjJAD6m5P7xROXEa+:dIkuSQO3ZHVqbQ0VnLQ0Mj0T+6AzKXEN

Score

10^/10

Malware Config

Extracted

Family

lumma

https://conformfucdioz.shop/api

https://bindceasdiwozx.shop/api

https://contemplateodszsv.shop/api

https://arriveoxpzxo.shop/api

https://catchddkxozvp.shop/api

https://declaredczxi.shop/api

https://replacedoxcjzp.shop/api

https://applyzxcksdia.shop/api

https://celosiapatroen.shop/api

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

- Target
  
  Lаunсher.rar
- Size
  
  81.2MB
- MD5
  
  1ba68c84d49af718d24afd598b9b5580
- SHA1
  
  a767cb06aa10ccf0671ec119b5489464a9db3f91
- SHA256
  
  45df7a132aacab47cf53bac72af67a3d4e8b30b580d6ff0bdc634d218a4f1705
- SHA512
  
  4f8f6800b4d601c799693aeeef2062093bf4170eabc9dc543c0bfdd23641d1cd51dac6d7f9845f2ac1bc87da386ab1010c4097b129da0bc2ec41db0196d5e160
- SSDEEP
  
  1572864:4TshfI34puSAaXcKN3LLBHVqlZMz0jOunLQ0ra3j0NjJAD6m5P7xROXEa+:dIkuSQO3ZHVqbQ0VnLQ0Mj0T+6AzKXEN
Score

1^/10
behavioral1
- Target
  
  Lаunсher/Launcher/Launcher.exe
- Size
  
  130.7MB
- MD5
  
  234f8e19939b10aedec405e21a194656
- SHA1
  
  1427522ce4059c8ea9c9d04f5eb6223b9c536002
- SHA256
  
  e15acca3fff33cb5590ee22ee37c4d980be3f255a044353ffcd9f6b140680179
- SHA512
  
  635b952b9fc06f4bd5e0e9e70ea0c111b7a9bdcfe5900da558429de9f5533c5f89098d71669941b9a8f3e6882a01313d15e743dbbce7cf77c5b8ac31590248bf
- SSDEEP
  
  12288:oy9cfJKKVuWrzp3lhBgqmSSew7H5lQYIozbwwQsPlXNlYLJ37MnYVG51Stz6/yhE:oy9GwKV5p3RHn6Ew7l8xo7
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral2
- Target
  
  Lаunсher/Launcher/Launcher_2.exe
- Size
  
  130.8MB
- MD5
  
  e603ea065be2ae4b96ad5b40dfc0e861
- SHA1
  
  910dfea05419ce1276f289e262480a1a161bc2d9
- SHA256
  
  90938828a6d6b261bb50b713e936643e896ad314691a3fe723c175f7533fc896
- SHA512
  
  c8c0c07ec9d05979489f950890587205fc902c08ffd0d3f236e052331e4020a78fe5754214b60732be33ed76793d196e1fbfb4f119a56562f450e56338e2045c
- SSDEEP
  
  24576:Y4dPpQPmY1dzvMoyZljVur1dzvMoyZljVu+:hdPp/M5vMb3VuB5vMb3Vu+
Score

3^/10

discovery
behavioral3
- Target
  
  Lаunсher/Launcher/bootx64.efi
- Size
  
  2.4MB
- MD5
  
  16429606815c82dcb1df1d4c162f2fde
- SHA1
  
  d5e5fa0bd76df419b6f78ba8e3e45963c1d0efeb
- SHA256
  
  262dea05a4ebe504ec2a848a430684d45e1429011b20676c032455a245d59db9
- SHA512
  
  8727fb509ee67751fe0b45f4d574dd036d600dae5a0a4838fc10dbbc2cc03ffb6a729f5dbe36926cb520a6f1fb98922e5d1417af4277c1a04307897387a8e7b6
- SSDEEP
  
  49152:Fq34Jw3J8YPpU8a9JiTcelS1ueXA9H4q7P5:Fd39ApR5
Score

1^/10
behavioral4
- Target
  
  Lаunсher/Launcher/libgnutls-30.dll
- Size
  
  2.0MB
- MD5
  
  ff22044c1799afbdb8e473e01d8da2e4
- SHA1
  
  6b23b5c547443f2c6154ece5f7f58c778cb34458
- SHA256
  
  7b7f7b57f1da8bbce5cf68212c51f56a197328c16688066b166a32382e7d333f
- SHA512
  
  300f99599241b8cf5a9690023212018f2714c180dbb2c327d7522ab33de18d7a936b425f79d8ef59fa3133708ee75e7a70353dd57c9827cc4a65d8b6628f9d70
- SSDEEP
  
  49152:H6tkCwxH9TIc2iRdmuNSZbIQfTRHoSlqGtlqnQ3/UQl8AbXk2XAxOFjb:H6tkCRRfJoc3/UDOlb
Score

1^/10
behavioral5
- Target
  
  Lаunсher/Launcher/libhogweed-6.dll
- Size
  
  268KB
- MD5
  
  a617e886d88b88c45d8ae37f9268abeb
- SHA1
  
  f894131e3e0d8078b8e4fb976c13138413f11451
- SHA256
  
  be3c113fbfb46d0d202951f1c8df1bea62b34674840ee15a6c23d799bda5cc56
- SHA512
  
  5bb8f4d2cac0a27de4f6bdc1fdc67a5e8eb267b1b21c61782e8273d36f7fd1d6deaef91441cc0ca8d2454f251d636cc6ebbd884110c5677b0fa6dc04fd8fd84a
- SSDEEP
  
  6144:f22cN0OXZGtlKCfwDcp+p5bgQHurSc9n6zLN1W:f22aNgtlffA8u5cQIL6zL6
Score

1^/10
behavioral6
- Target
  
  Lаunсher/Launcher/libnettle-8.dll
- Size
  
  304KB
- MD5
  
  7d656bf1de08addd054e728391ef3519
- SHA1
  
  5067ca56b6abfdf410aa102495c1cf6d6484fbd8
- SHA256
  
  1916c2878bdc6349d84d1c6c219a934926937fc23ceb77c97d88b945dc3d644a
- SHA512
  
  0bb955e4800df357a2d46625ff9234712b283f1c27ba9ddef788569f06c031710d3e0df73e91f20db989d522f687d95f42d331fa85bfeac4ecd36347405a783d
- SSDEEP
  
  6144:YmVFPSeCiKBNFkDk5X5lTqqDMwlFlwKuMN8:YYPSeCiyMk5/OqFl8MS
Score

1^/10
behavioral7
- Target
  
  Lаunсher/Launcher/libpng16-16.dll
- Size
  
  235KB
- MD5
  
  342b5f5b3ba11e867f0765d8fb2789ab
- SHA1
  
  57a95502936c033a667172ab3a73f9ce5a91651f
- SHA256
  
  74d4708664ee397fe2b5be139792cd188857e4b61d399b9b4d9562f140b46f0d
- SHA512
  
  8723d3a22daede770efc542a0efca284fede977abc0cb5b18712e076a2bd68504c032f395ec5643ccd189e76a30b7ee244a5448d60d8067555e16c51a7b64b8f
- SSDEEP
  
  6144:PnClFOtV9yvLwdZRLFfn4lShPNEoDHHpwpFLhKN5:PBVQgRLFfPh1E+HpeKD
Score

1^/10
behavioral8
- Target
  
  Lаunсher/Launcher/netcenter.dll
- Size
  
  518KB
- MD5
  
  7456f1e32770d74794640becb2dfea03
- SHA1
  
  6cf307e52268114b93de930ebf2c8a39feb94021
- SHA256
  
  4e76677c2d63eace4f191636682cf31aa61e58000b2bf9a7e9fd47f2a980c036
- SHA512
  
  0e028fe2e9b7e0dd6e5c44dc33fdde17044ecb6e86b671920c7105c55a43420e25b142272164caa85982f3910678d7d10796ecedd8a5ef3f38d4c4feadf60923
- SSDEEP
  
  6144:OGfB7Q/M6WEVLEB5CAZS3OOkTX675bX9xJ1F99ihSEiN1BrI:nJ8MB5CAEgUE8rLB0
Score

1^/10
behavioral9
- Target
  
  Lаunсher/Launcher/support/logging/actionqueueetw.dll
- Size
  
  21KB
- MD5
  
  c71a0aa3be5b5342b589e526c2e4792a
- SHA1
  
  df3e78cc32cd5054de84ba4ad4d226fb7cb3e9fa
- SHA256
  
  23ecf8c1ada804099e354720df06a46ac7ac31a459b76348cb9175a809ea3da8
- SHA512
  
  3607a08b547f4da279f41a78a72abd52219848a91f28d12cca036628154d195d1dee8b44c572c712989d0e2a11063504f44aae829d226418efec1d7bfb84eed5
- SSDEEP
  
  192:yW4gWqqVsAZ9umpW4pICSjRof0cVWQ4iWQPMh+Il+jX01k9z3AwBL7qJL:yW4gWqwlKmv2xlcvwEjR9zHBL7qJL
Score

1^/10
behavioral10
- Target
  
  Lаunсher/Launcher/support/logging/auditetw.dll
- Size
  
  25KB
- MD5
  
  7b81b55d4b3af7f96ea3c12ddd270894
- SHA1
  
  e1a0175dd9d64542ff9c6018c018c7ee16a51deb
- SHA256
  
  cd874ac7e5c8f43045b96c1f097cd13e1247f6d6c0d08978e1df79df102d6dcc
- SHA512
  
  74026ee434e8ec1ecd16f66dd168752685f2243cdf3ee4c1b925cd81433609ce8e45650d032c64e51da14b4ffe646526d364df08bce0babfb3fc44be94e0a53e
- SSDEEP
  
  384:uWCSW3VV/so/Nd8g52xlcu1pSwR9zQW5I:yJz2fuM9zu
Score

1^/10
behavioral11
- Target
  
  Lаunсher/Launcher/support/logging/cmisetupetw.dll
- Size
  
  25KB
- MD5
  
  faab400d86a96a111d7a203c7a940eec
- SHA1
  
  cc7e31c4268a4b450cb0452f3955d8cb3d1432f0
- SHA256
  
  5ad1ae1b7339646328d42af8db4ada3f90a63d842bb9a647ef558f1796df56ea
- SHA512
  
  9a67f897b9f530db2f5bfcb5fa7cb66ee617b04fad551cbe6211ddf42b3b97edcb12ffef9805ca09c63274ec06196667251c9af03d5ecf753eff9945e49fa4bb
- SSDEEP
  
  384:9WWfWK0Sg0QQ+B2xlcrw1FUJCR9zOGfhela:bXob2GwzUJu9zO8eo
Score

1^/10
behavioral12
- Target
  
  Lаunсher/Launcher/support/logging/etwproviderinstall.vbs
- Size
  
  6KB
- MD5
  
  46e876c55f0b4a5eac1dd6f36b10156d
- SHA1
  
  d9b0877fd91f6bd28987915b417e90fd4df8f323
- SHA256
  
  1ab7ae96d9588e7ed6c3a44afa67f02a01ca3360967c4333f23f73dbad273860
- SHA512
  
  577b969d5b1b36e0a00686b1627cbd2628ccaef0bf15aef4605a7cf1202ba299d8f15071570502e14aa119828b06bc1a2539c580d2b98e496f8c6e8a138df3b6
- SSDEEP
  
  192:IFoOIXXztb+ih7zIRU605MNd611/mqv0c9K40/zI1A4HSjG2UcNG2hATuluzS5M:IfiXzk8nodXqe3G2Ul2WCluzS5M
Score

1^/10
behavioral13
- Target
  
  Lаunсher/Launcher/support/logging/oobeldretw.dll
- Size
  
  25KB
- MD5
  
  366a1d76fe6bbc249d2d40c1ebaeb81c
- SHA1
  
  3676f5d95baf79a2717d966c0e93ab8ff9d0ca3d
- SHA256
  
  8784e25c0cacea739da0bb2c630db447be264263adea9a8e6ad6a10b0771cf68
- SHA512
  
  87a36f5d276fa4e816095a3cb0f028cb643be65ed67c7e473549aeef0db61d75a61b0882de7b5de7d80fc6ad7146d6b86a7092fe65ce805a2c5bec68ec8ec67f
- SSDEEP
  
  192:vWDQCWdNa+UuqjIzCp7QW4pICSjRof0cVWQ4GWHiuC1/or7o0X01k9z3AE+hh19:vWDQCWdNar0CS2xlcmo1Z0R9zbyhD
Score

1^/10
behavioral14
- Target
  
  Lаunсher/Launcher/support/logging/ru-ru/actionqueueetw.dll.mui
- Size
  
  3KB
- MD5
  
  ede4ad57cf4acce6028441da2dfbc1d3
- SHA1
  
  00b3878d348fe08d69956c27bc7ca7177fe2aeed
- SHA256
  
  494658845b7ae61a430982a08e91e60dd9ad7f5b1edfae1d6b13b47e388fdd0b
- SHA512
  
  5ab1e23a5cfb0ebf713928e9e8bee79971be96fd2967dfba03765f042ac548433517ffc33b2fcb87fde00b126c084ed669b00f553ad1b60055e7b6cdb9f69e5d
Score

1^/10
behavioral15
- Target
  
  Lаunсher/Launcher/support/logging/setupcletw.dll
- Size
  
  29KB
- MD5
  
  a80a28a75d6ab91a2f5194edd442b92f
- SHA1
  
  bd37417d0980e77814b19638ab251d5ce6dac7af
- SHA256
  
  6c944212ad7d9ec6275b4cd1505ba93ac64ae68567b33388ec07bae463a87fa1
- SHA512
  
  89ac31e76047e7b7cc48087b9ba6998c8b7e8a82f991c13610d628936cab30514b46f2dafe103e577ddd14c774cd717f8345a91b7ed876baf79000cec97886c7
- SSDEEP
  
  384:pWKbPPWQPgrpp1icTnA6l9SW4o2xlcHxvpNR9znUxZpRSs+:pr6lA42m19zULpRSs+
Score

1^/10
behavioral16
- Target
  
  Lаunсher/Launcher/support/logging/setupetw.dll
- Size
  
  29KB
- MD5
  
  053c69b4f09b5690366fadef0aca9fb3
- SHA1
  
  f1598ad9c8a8f75119c4c0d3eeffe5410362aa46
- SHA256
  
  4d2b95d8533a1e17b77b10c84cd4c95dbdb6b76308eba13716edf346486df292
- SHA512
  
  9fd1fec028469dd80b82118b8483ee478839e4291cb943a1e966ffced3ef4f66756a3e0e14d16bb11c4cc88cbad0fd8b53e9fa124d6e74b2bb28a500a95b800b
- SSDEEP
  
  384:IWgT4W9xP9LxCvas2QD95XhqGCQDBRJoFjBj05seyR9zuXfn:gzxZnS1PoFjBj05sN9zAn
Score

1^/10
behavioral17
- Target
  
  Lаunсher/Launcher/support/logging/setupugcetw.dll
- Size
  
  25KB
- MD5
  
  692def75923a58c1e5c68de8e6b2a3ca
- SHA1
  
  c7b32b6b8ebb27e694b4780e205a8c01c8c6f0b8
- SHA256
  
  b1bf87921f572b6cfaaf5c585ba3ac5b9474e4b486dc30fb87d4cd9ceab036bd
- SHA512
  
  1b60f30bddca9735558b4dba2c6f9ce9c0a586ca453d2849aea3f8aa4000d9fa9ba6d67c36a08bcf097be833bb9c804535e4c613c7dbca7f460528350b80d83c
- SSDEEP
  
  384:6WM7pWvl9vF1wnNsfXS6IxB2xlctSWF//dJR9zeLxMK:yn+428SWF//dj9zSxMK
Score

1^/10
behavioral18
- Target
  
  Lаunсher/Launcher/support/logging/sysprepetw.dll
- Size
  
  29KB
- MD5
  
  cb8ba89d21d6ed969c217d84097fee34
- SHA1
  
  0464bec1ba3895067638f9c6754a5b8bed690cbd
- SHA256
  
  4bacec5879dd66d9f66c5109ca02cea37a16fd19dee76f5d6ae367bcd9e2f1b0
- SHA512
  
  a40e261dede8ed6f4eaf1523d4cf8b8d5e0c18c5ec07a9db9d41018ce21c171a39b93e0b82809260900bb515baa8cd3c8ccd40036f3f59439212d833ca5d8f64
- SSDEEP
  
  384:7GWORhW21rP2Z5L2xlcpJj05seyR9zuXf0JXpX:IRJCL2SJj05sN9zA6XpX
Score

1^/10
behavioral19
- Target
  
  Lаunсher/Launcher/support/logging/windeployetw.dll
- Size
  
  25KB
- MD5
  
  3e826e44008cf11708974c18a44a3938
- SHA1
  
  3d2d765de18e76d9a7792d17ae3b2cd8afc4975a
- SHA256
  
  7b0efdcc84ad05101a828ca882d880da4c835a1a5705d55d312c52b2793c96db
- SHA512
  
  0507911dcbae09f75913ba48cee3c1a9dc1db1be4c2e79f3e911539d6422d6fc96c0f7c2eb5cdf08f93a9250eb2ea1da45eb30ddc4f045b3e2567c9c751b4704
- SSDEEP
  
  192:RbWekW+N1AeM4gUGNHSXThkhW4pICSjRof0cVWQ4eWrxYIN5vCX01k9z3AzfSX08:JWekW+XAeM4p+S2H2xlcHUJCR9zUw08
Score

1^/10
behavioral20
- Target
  
  Lаunсher/Launcher/support/logging/winsetupetw.dll
- Size
  
  73KB
- MD5
  
  4779377a150097452cf154dccd370b79
- SHA1
  
  517a004a09e34bcc6d02886dd659ec44770210c4
- SHA256
  
  dcdf3bb95bb4ec76e61ca295d5ac89bbe4807a6d6b44970f313c694283e76d25
- SHA512
  
  2a5cbe42b7a1997967c184a28e8b4c909071fd2643b6832ff0609dfadda4744449039086a2b1fc77bc31fffb34a164034cd22f40ada71191bb1f61c393c0b142
- SSDEEP
  
  768:XxsDaSWMW7KvBjM42Hib89Z108OCJVwvwM7pEoYPWnwbE+qdDdRTbk1acX/smDK:X5PhDanTqLlqjH/oS2hqz1G
Score

1^/10
behavioral21

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21