lumma | 8f90648143c92c8780cf076b716225ce76fe07e48c10ff5d1d24ed8938791511

Sharing

Copy URL

Twitter E-mail

General

Target

SmokeySpoofer-main.zip
Size

748KB
Sample

250103-a8a98ssnax
MD5

4807068938430adcad94ae1f70444acf
SHA1

439c19db57e1636a3a8bdc593ef82d93688ef216
SHA256

8f90648143c92c8780cf076b716225ce76fe07e48c10ff5d1d24ed8938791511
SHA512

715119fe906f1247a12bfd94575046630041ffe2983ff2cc57c3d3f1f658bb8bfad0e8e4252442b6fdce0b68afa731f62a2c230bd4c6f1b89a7f0dbd08e17700
SSDEEP

12288:tieNFD5T5vTBkA6gAksiz/YbxZxCXUxYAuTV8wQWCPmHMHPXHek:timZt5tkNOsn4XeITV8wQ+sfek

Score

10^/10

Malware Config

Extracted

Family

lumma

https://covvercilverow.shop/api

https://surroundeocw.shop/api

https://abortinoiwiam.shop/api

https://pumpkinkwquo.shop/api

https://priooozekw.shop/api

https://deallyharvenw.shop/api

https://defenddsouneuw.shop/api

https://racedsuitreow.shop/api

https://roaddrermncomplai.shop/api

Targets

- Target
  
  SmokeySpoofer-main.zip
- Size
  
  748KB
- MD5
  
  4807068938430adcad94ae1f70444acf
- SHA1
  
  439c19db57e1636a3a8bdc593ef82d93688ef216
- SHA256
  
  8f90648143c92c8780cf076b716225ce76fe07e48c10ff5d1d24ed8938791511
- SHA512
  
  715119fe906f1247a12bfd94575046630041ffe2983ff2cc57c3d3f1f658bb8bfad0e8e4252442b6fdce0b68afa731f62a2c230bd4c6f1b89a7f0dbd08e17700
- SSDEEP
  
  12288:tieNFD5T5vTBkA6gAksiz/YbxZxCXUxYAuTV8wQWCPmHMHPXHek:timZt5tkNOsn4XeITV8wQ+sfek
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  SmokeySpoofer-main/LICENSE
- Size
  
  11KB
- MD5
  
  dcbf253b3d6d09ae7e64cb34b4d0ec33
- SHA1
  
  be86a8dd962083a273ca3800af37cf2cb63d6f8b
- SHA256
  
  50e6751797c50dedd75ef1b8a0d9e42f5f8472e9fbce91f34718e9f97b0c780a
- SHA512
  
  31cfafafdfa696fc42c7d1e644c04a1c24bb9058473aea4c1328a86f8095fae6b7ddb30782941b05b4279166d3d3b2cf35bacfe388c1a30bfa18bc72e922c6bd
- SSDEEP
  
  192:O6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:O9vlKM1zJlFvmNz5VrlkTS07Ht
Score

1^/10
behavioral2
- Target
  
  SmokeySpoofer-main/README.md
- Size
  
  2KB
- MD5
  
  aefb577a4e181f2a563d6b81ee714996
- SHA1
  
  23e0b2eb385fc3c1be611e214495a6f048054d0a
- SHA256
  
  c6a6329cb529a1ae5a376656d90da1e07a034953c7e43ebb129bc8773a69f3de
- SHA512
  
  ae86386498c7f619411540ddb028252de391b959d208d62889f82e89964a41839b473b5f4e2e83494797f682b73f50a21663bb00cd48d4ce97efa627e4b702e2
Score

3^/10
behavioral3
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/App.config
- Size
  
  182B
- MD5
  
  c6376b7cf21791bee55ce91ce487b80b
- SHA1
  
  ea7cc1b2e62a65fc26e026ae8b70f90e5b9fc839
- SHA256
  
  eb217cd4aaffd7c0cc720e9bb92f5e8d4199bd678df9e8dff7a07182d3568081
- SHA512
  
  c4413cfb89838b48b913f2383c53e5933ca0820f2c31ab7d378bebd2dd7a7ffbed8221c20c7ce08657c3a3281eee8d0d1a7aeed6fd3bb9f68374f09e63ca5de2
Score

3^/10
behavioral4
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Auth.Designer.cs
- Size
  
  6KB
- MD5
  
  190d08c382668c0e5d7ed5d5c469c242
- SHA1
  
  3061a7ef6084e6f91f2ac16a4ada128c538224a6
- SHA256
  
  c97234a361e6a0f4b42a01e977ed6269b60629bee767f9ecbaed5c11af8f0e43
- SHA512
  
  330b5e7cd6d0f60bc4f1a9afa14a69be687495340fa04c5591cd9d76d8dee0c2b819a0a6aa1e09332d6ad878af5a6c14bd995683543a89d21b5ce7f4465421ff
- SSDEEP
  
  192:3wlZpSiVh2V9PE2JRCV4LBQCHJTV4GYG+E1JV4zqLOA8gsL94IYjY9:3wDESh2V9PE2zCV4tQGJTV4GYJE1JV4P
Score

3^/10
behavioral5
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Auth.cs
- Size
  
  1KB
- MD5
  
  1e8fef6386f0c75e069aa1db7dd94825
- SHA1
  
  21fa06bdbd33fa0d989b3cf18f97402055484d58
- SHA256
  
  f03759509e24bc267fcbb4d9c2a4dd76c7017095f41ea279024ddef00659802d
- SHA512
  
  1878568d5743d10ac8e8f7346551d9e66cad0656b4b2ae47c56d5aa456f2e13022d5d94db0b558887b70113f50fd40df321e27c11a61d7162a52fe66fdc171fc
Score

3^/10

execution
behavioral6
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Auth.resx
- Size
  
  83KB
- MD5
  
  ef63cc8ac4644f7e44a9029e083182cd
- SHA1
  
  ca48aecb89f2ce0b69fedec48f42fa0527ff7277
- SHA256
  
  f7fb2824950d0f3a7f37b363bb10e7654206a710d802be7b1ab1a32750e8ed8f
- SHA512
  
  06c4ca3d501a03fd3823c29c3472d4824bc324d5e52681281dbb467974e53d9a8a2ce687e66705db829a70629495108ef58c667448956c38caf6b9d4e70ca2ba
- SSDEEP
  
  1536:ZfIiWxYUeXEnvxXFVO0vnOXr2hVifuP1bKcoReY9w3Y7hkDj5/:ZfIJYUsYvW2hVigOcon9w3Yla
Score

1^/10
behavioral7
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Logo.ico
- Size
  
  4KB
- MD5
  
  7f51eb2ad9c4220b58e28d1bd70b7429
- SHA1
  
  09ffe26b93ad8f1a95da0d78684f5fe8cd48de62
- SHA256
  
  eb431c0bde63d5e87532393c6606b17136fb22406a00a5737539ecc72ff7e2e8
- SHA512
  
  44c8b4a657aa0aecbacca312eac6338daeadef3e72a122622c8a3ec1477bde7d3d2d9a928cadbacadea9c751652328778f2a061ac4a4f04531cdfd0698aa385f
- SSDEEP
  
  48:tfTWDpv2emihLnysI+sz2vlrqY5bRGH7i:tfTWNv2emQLd5lfvGHO
Score

3^/10
behavioral8
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Main.Designer.cs
- Size
  
  9KB
- MD5
  
  cdda0de68cbca7e15aafb55663feed89
- SHA1
  
  b3670e2a592a5015ac309746edbb38b5fc7d7cac
- SHA256
  
  6aae9e6bc18e4fa19cabfe8f4048106bedad68558732c5428181fb37e5927194
- SHA512
  
  d38785aaeec7381fc4fcda21841c5777dd86967d474f40e2f15b9219d4306da643b8ed9243b2082a25245907d3de8adb47fb1ae31bc66f050abb02b7a03f0ac2
- SSDEEP
  
  192:OwlZpSiV9vnmV45m3U2V9PEBJ9MV9UdpwJyZV41bEs/V4ADEY1JV4zLEENTV4G8E:OwDESJmV45m3U2V9PEB7MV9UdGsZV41G
Score

3^/10
behavioral9
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Main.cs
- Size
  
  25KB
- MD5
  
  e18b9d4844a0e2526a427720115ee569
- SHA1
  
  18d553d3ecfd6ff3451f166473f8f7121468882f
- SHA256
  
  84dd3f1a32e611270322f5323e3d853145b78bbb463dbacec6777e65a2cea66c
- SHA512
  
  90ace917d3bf9ed775ad04dabe9bac4a2b798c4fb21920a6330ae8cabe9ac14869a93d7f831dd4bb965beac3adc2814cc444ca8b659a047db3ad93edb3e3db40
- SSDEEP
  
  768:6+W636xBoT2pbdzwZefxDtYDmZApuvruMh5i6Yj:6+W636xBoT2pbdzwZefxDtYDmZApuvrw
Score

3^/10
behavioral10
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Main.resx
- Size
  
  83KB
- MD5
  
  ef63cc8ac4644f7e44a9029e083182cd
- SHA1
  
  ca48aecb89f2ce0b69fedec48f42fa0527ff7277
- SHA256
  
  f7fb2824950d0f3a7f37b363bb10e7654206a710d802be7b1ab1a32750e8ed8f
- SHA512
  
  06c4ca3d501a03fd3823c29c3472d4824bc324d5e52681281dbb467974e53d9a8a2ce687e66705db829a70629495108ef58c667448956c38caf6b9d4e70ca2ba
- SSDEEP
  
  1536:ZfIiWxYUeXEnvxXFVO0vnOXr2hVifuP1bKcoReY9w3Y7hkDj5/:ZfIJYUsYvW2hVigOcon9w3Yla
Score

1^/10
behavioral11
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Program.cs
- Size
  
  522B
- MD5
  
  74817016a6efe4b9f3a83ebd9bcfd681
- SHA1
  
  351ef47d37841179ba802afbb44d3b63ddfd83ac
- SHA256
  
  da01587c3675821c88b7db655fd58359d20c5608f624096cc675a96cf4c2d793
- SHA512
  
  9f272221e7b0efc8db6375bed48c157356679f15e53de6a9c0c3dc2e60017a88a88e4b87fc087480fe117e9aa8ab53cacf8609189c88bf0df043f789565142ea
Score

3^/10
behavioral12
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Properties/AssemblyInfo.cs
- Size
  
  1KB
- MD5
  
  f12486e4ea066f55e08bd70366e040d5
- SHA1
  
  ac8a2314693e86d823de027982b585aed349eff4
- SHA256
  
  6c169ace0ac4ff16a9b5621a15ce39c3b3f8c1bba8ec94c3bc9cb0d4ad9926f3
- SHA512
  
  0b95741a4087b00c54cde45ba89e94b953a84c254d69f449fabe555c1c675f8b90f9ab709467f29e8ab5a41818aacf4858e14fb242d86d22169ae7a0645aa8a9
Score

3^/10
behavioral13
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Properties/Resources.Designer.cs
- Size
  
  2KB
- MD5
  
  d64bcae8319b6882b8e0f08dc5701d7e
- SHA1
  
  c4453f0461d9ccc1fdb59b42bf63501e7323b52c
- SHA256
  
  a50d58093c8037cd4e5e6c2b5c033f7c69d5556abe64b6e84990a244f63e696d
- SHA512
  
  ba8127b4d4663c89fcfb4c8499a6b44646e5665c3e53d46d257ccdb4c41a27307f27817362c23cd2ea285cfbfc6189291a897816c487f7412df8a10734c9438f
Score

1^/10
behavioral14
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Properties/Resources.resx
- Size
  
  5KB
- MD5
  
  c07716633f086d91759ae32a18996a1a
- SHA1
  
  bf3383c20acf6e64ce49f120938456161e5f6cb9
- SHA256
  
  4e124f5a7694ffe813c60601b1b73c53e47536b1f1c0e798d4d55bfc2ca3774f
- SHA512
  
  c6ad0ec603ff69d2d1b787db9426f29d44ea1ba45cf1d2b7ec41cc2bd6d5c93af8d2299139cc1c5d10d56718f36daa37d544f8d5411fad91a72efc2e70454cdf
- SSDEEP
  
  96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFE3qxdRMvDTursrbLAy202W:Zf+tLPfYnLvFVOiFQaUR6
Score

1^/10
behavioral15
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Properties/Settings.Designer.cs
- Size
  
  1KB
- MD5
  
  7ba58f19975d04b2b0ee78bf0fd0e17b
- SHA1
  
  84dd853ef84cf1c26655d75494d7200360d985ec
- SHA256
  
  0ffa692522bdb415ec1a38be6391f5162bddd3518028c73c52b4470059918001
- SHA512
  
  2e7c72eee4e74e600e4a5871bae043557938eed7ceb9370edf69301188ebcb0881903081e85bc0ddb2339e12ecea459c46d674b8d0f255d84a0c0c17db33ee74
Score

3^/10
behavioral16
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/Properties/Settings.settings
- Size
  
  242B
- MD5
  
  29a2bb6bd6f85ff04804c473e895de92
- SHA1
  
  48d8aedc9ac54affd627fd9737a0af3ba713f6e4
- SHA256
  
  baba99193fc1787141063b135424b476ff4151beb833883fcb594631f17c0147
- SHA512
  
  e2126226fde15a2cbf850824ae9bd2a04910aed905d3f6df366c629890f4ce07404c9fcf30bd41c61c73fb589ff254b8ab328bbddced7640e734098e542bdce2
Score

3^/10
behavioral17
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/SmokeySpoofer.csproj
- Size
  
  3KB
- MD5
  
  938f45d854f87adc613f0fc2826ded6f
- SHA1
  
  697944856f3ff0b9a78994de64a9657efb0034f2
- SHA256
  
  8423c56db3d7528f78cd634bd9e29dfb45d62bb49b6b43677ebb5206781c557b
- SHA512
  
  ced6c355e6fa415fb9f5bcd7e0d3de330c9a4029d0d2711ee9e636521c91bb9ce4e92056d71aa9f2bf04118497e82992568ee0245a94bd2de0fbdfb134c9746c
Score

3^/10
behavioral18
- Target
  
  SmokeySpoofer-main/SmokeySpoofer/SmokeySpoofer.exe
- Size
  
  550KB
- MD5
  
  ee6be1648866b63fd7f860fa0114f368
- SHA1
  
  42cab62fff29eb98851b33986b637514fc904f4b
- SHA256
  
  e17bf83e09457d8cecd1f3e903fa4c9770e17e823731650a453bc479591ac511
- SHA512
  
  d6492d3b3c1d94d6c87b77a9a248e8c46b889d2e23938ddb8a8e242caccb23e8cd1a1fbeffee6b140cf6fd3ea7e8da89190286a912032ce4a671257bd8e3e28a
- SSDEEP
  
  12288:SQ5vTleU6iA6AiJ/uJxZjUXUxYcuORWETWOORGzbZr4QClJJRJAr6Ok:SQ5pexaALoXe4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral19
- Target
  
  SmokeySpoofer-main/one.PNG
- Size
  
  98KB
- MD5
  
  f105192ecba9177dcaf6fcb675bce30e
- SHA1
  
  d052645e23a7a02cc8e5e02d245d7828932fd473
- SHA256
  
  7dbfd918e5590fd909a105bb78da3f2070e4fa0e180d499f11120c993737e73e
- SHA512
  
  5be9b7ca75414a21ff03a7b6d95c429191c8a4017a86f57728916e3b1651b477717a2de8ebbe65bc43847e1b9c90044a2cefad1b6904366ac4d9729dcb022998
- SSDEEP
  
  1536:5hzAkCfYbPeNo2rnuguzfRMtVMnqGdvY/8vU1vVyp31ct66IT75s1rEp/TDtFD:9CfLNFzORMtmmcUe32t66yi1rEplFD
Score

3^/10
behavioral20
- Target
  
  SmokeySpoofer-main/two.PNG
- Size
  
  95KB
- MD5
  
  c5229909fa07d226a1c72f8554512c76
- SHA1
  
  ac113e95c19233bb299a7b794e441d9124c68b5b
- SHA256
  
  089086d5d7f331610a17f9300c57ab9ea2534eab60bb9025c80a90f7d8197392
- SHA512
  
  887739b21040d349426ab8412b22d34a7ad6a82f2240e3bcfde2600b6fbca8b7524859eb2285f10be180e16b838523d7e8c85054c27a594f98416e0477e0237d
- SSDEEP
  
  1536:5hzAkCfYbPeNo2rnuguzfRMtVMnqWc+GnXrQc/p310ZrLB9kSQUS65OliGJQnqAN:9CfLNFzORMtp+MflOLbkSv1GOKdVUnhX
Score

3^/10
behavioral21

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21