lumma | 87c77b9aa2340d1597278461facf02931791bc1b368d4f2ca1d59fe55794e700

Sharing

Copy URL

Twitter E-mail

General

Target

«FîleReady▬PassWord▬Is☼◄031910►».7z
Size

3.8MB
Sample

250103-ygpkjssral
MD5

68b7025f8fab78ef1a6b15bf0c607fe2
SHA1

9319a3593d2205503d3a2df73f7e9548274983fa
SHA256

87c77b9aa2340d1597278461facf02931791bc1b368d4f2ca1d59fe55794e700
SHA512

b7a01103bea28563a7a28f02d7e586368eb7de7898363c24b15cca927f878fb26a79cd31c54663dd1968cb169492939315a100cf9f486783390757b3070b27f2
SSDEEP

98304:8DNrZfdtoHzg6wvn5Ic+rFbL8MKVuqSrC+vQNGlXvKIGWx2zC:8dNfoHzKfd0FbLNaudG+ViIGU9

Score

10^/10

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  «FîleReady▬PassWord▬Is☼◄031910►».7z
- Size
  
  3.8MB
- MD5
  
  68b7025f8fab78ef1a6b15bf0c607fe2
- SHA1
  
  9319a3593d2205503d3a2df73f7e9548274983fa
- SHA256
  
  87c77b9aa2340d1597278461facf02931791bc1b368d4f2ca1d59fe55794e700
- SHA512
  
  b7a01103bea28563a7a28f02d7e586368eb7de7898363c24b15cca927f878fb26a79cd31c54663dd1968cb169492939315a100cf9f486783390757b3070b27f2
- SSDEEP
  
  98304:8DNrZfdtoHzg6wvn5Ic+rFbL8MKVuqSrC+vQNGlXvKIGWx2zC:8dNfoHzKfd0FbLNaudG+ViIGU9
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Data/Config/DisplayLanguageNames.de_CH.txt
- Size
  
  34KB
- MD5
  
  25e1b7c45d5fb1dbe6fe4a533c4722cb
- SHA1
  
  2836b7a4d3a6fdb41739072093300df98bf4f3d2
- SHA256
  
  8f302adcbfc601a5410d7c09ceb3e2ff867e5efc31204dba637b25a090a1b55a
- SHA512
  
  218e5be434ea62429950a3fea75b601d74d35f65e8aa20c871e7623a7de678e6bfd85af62299d119b311295d1c7e7a708741f264f4bf074564300c2a54f819dc
- SSDEEP
  
  768:5kWK3myuglze+LqxHAYBDhA7XSo2VimyfQXL:56P2omyfQb
Score

1^/10
behavioral3 behavioral4
- Target
  
  Data/Config/DisplayLanguageNames.el_GR_PREEURO.txt
- Size
  
  32KB
- MD5
  
  46b3a1b71a26e53ea8869c855131a5fb
- SHA1
  
  1a925edf65b935d748b34a6ab0c422d7419bd654
- SHA256
  
  210e62cf843f9e398e878fbd9502a68c66a2f2ab0ea2eb312b135c8f1807963d
- SHA512
  
  046909c6166234ae18b690be0742206726716f4c3f6f8aaabdb98f4c6f5d035513c3af7233e51f4ec69b444b284e2c5e421a75a96931b9df6340780d0dc95886
- SSDEEP
  
  384:LqGqfqYq5qrqequq7qDoqnq3qBqIqfqbq0Yeqeq8qvq1q+zPFz4z5FiQ4mWfX8R8:aYKz4z5FiQ4mEM2
Score

1^/10
behavioral5 behavioral6
- Target
  
  Data/Config/code6.txt
- Size
  
  270B
- MD5
  
  b9babb266f182c22a4e2e80680b07b72
- SHA1
  
  0d31b47ff587c1c516dc08f3f59ea60a94970df1
- SHA256
  
  51fab753a2f49bab7b3d0745e27771dd9d58d5a5dd60c81390ae878fa95e094e
- SHA512
  
  772f28dac16178163fe87eebaaa65f48e318ad9ceeea908556e40bb5a49c99d090b46b6c7dfb894920d8c596679fbe54d6e0879f82813ae279d423134b2033f2
Score

1^/10
behavioral7 behavioral8
- Target
  
  Data/Config/custom-hg-hello.txt
- Size
  
  366B
- MD5
  
  9716121c5042516ca7388fd526b81df2
- SHA1
  
  93467e2df5231d42c07162124a54053a168835d7
- SHA256
  
  1058a99bd62d4b686c2f4602acb85eae6a5b6b05c2202150585a6e98cb1b2797
- SHA512
  
  7e7994ab8fc51f1a2b6f31895c04a66f022706f44a7cfbd249e58459240d84303c2e7bf5830729fa109acfc4ab1b9db6dae21aa0db6da9071005d78245efee7b
Score

1^/10
behavioral10 behavioral9
- Target
  
  Data/Config/example.com_noroot_v1.0.1.txt
- Size
  
  136B
- MD5
  
  7288d609b53d947433d19929dc8a30f0
- SHA1
  
  4482120804287d50e4167c340643c5b018266b2a
- SHA256
  
  595975bc53a4f9094bb2793dd82bf51e80ebaf2d6b4c31d56fe77c0d9db7533c
- SHA512
  
  ce7da08eb7db96becef06c16a721637e4bae203c1f38b6eb8b1a63e89dfef01860461fb2654aeccabbefce9a61246fd6d36fe0247e0a893f5ece8946e0d3e338
Score

1^/10
behavioral11 behavioral12
- Target
  
  Data/Config/github.com_dmitshur-test_modtest5_v0.5.0-alpha.txt
- Size
  
  215B
- MD5
  
  3f47b6a55fbd2d5a8c99213d719709b0
- SHA1
  
  7ab2139f567b317a35bd78906c4bb0d39fb35cdc
- SHA256
  
  82ae4cc41728d0b2eb84fe415153a3bd3b17d084827dce2f57f29707745e29ab
- SHA512
  
  59eac9b5a35a22324c8ea5683e06c39908679c4f742875a3895f424b88d93c8ea5dd8c8825dd7a5e1d96510284f66c7bc73913fae1ba4439ee504310c8d44a72
Score

1^/10
behavioral13 behavioral14
- Target
  
  Data/Config/mod_convert_glide.txt
- Size
  
  460B
- MD5
  
  f5dbc96107be0223dfbe9ead75586749
- SHA1
  
  782657c1c053a3d69eecc4545c7dadb3499869e0
- SHA256
  
  5e514f80ec4bbd5e93644f447b2e2b469f8edf09c541b54ac52b2c25673154c5
- SHA512
  
  63aafcfb739ddb9ea00cfba6b7e90ae648e0696ddcc681e1f4b34f717df3e2bd8c9fddf86147f7e4bdf6bbc986810df33189a1c0e9cba9357bfed47e3d4f8f5f
Score

1^/10
behavioral15 behavioral16
- Target
  
  Data/Config/mod_run_issue52331.txt
- Size
  
  704B
- MD5
  
  de6b86d9a5e674079e7ac7e77010b52d
- SHA1
  
  0abf85928dc87816cb3d387af5515bff7c10c758
- SHA256
  
  d84b2ffa9261a15ca009c8e24dd7919d554811a03277f92a182450cd423dac95
- SHA512
  
  24fb1e21400daf6ab41900206dcaf20ff8b7d076bc072f7d9656b631c701e930f96fb973e6f11b5d8feb8175d58ea8df8402d39b18c1fa38eb2ea01bde6ce817
Score

1^/10
behavioral17 behavioral18
- Target
  
  Data/Config/msg_30.txt
- Size
  
  345B
- MD5
  
  c045ee85a52d1967d69de8a9614085bd
- SHA1
  
  da33f4f914ef2abb8871a2edca2814df2c40043d
- SHA256
  
  c35da53f1c5bf7639417aecde7052db57700828fcff4600a81751ae13bac03a8
- SHA512
  
  2f491e5ab0ffa3a3056042f8f5175934807683a01bff476c3e2b6560d455ad24ceaebf20e462baadb2b8211883e449af15ccf4dc6c11182b29fc8dec014d4cc9
Score

5^/10

discovery
- Drops file in System32 directory
behavioral19 behavioral20
- Target
  
  Data/Config/test_vendor.txt
- Size
  
  1000B
- MD5
  
  80aec646e662ecdb8f7677b93f39aab7
- SHA1
  
  5fd0591618895472bbfa350c9ea59356c93d8346
- SHA256
  
  5912f1ba252bac927720d0342e63b16a7e273b63e097bb3d1c8e68f9b0703742
- SHA512
  
  19e5d35c78cdfb64ca5caaeda5cd3b46dec21aa77c85d421959fa771614e5265602277c85b7557e58cae04d166feab5a9c5cb6c70c512a29852eb7b1a68fa078
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Data/Config/todo.txt
- Size
  
  304KB
- MD5
  
  007fcd32bbf72f6d0db5c437574d3159
- SHA1
  
  7391ec6d5c98495a3e39ab0965a9060b66c0bb71
- SHA256
  
  14ff2b92d86cf32a4ace3930f7871e12e3b4089297e2b0f5d8fa190d5e354765
- SHA512
  
  60aa6da59f6d705fb7d4b7f46f3bddb875632f53f06339927cd0812a9ea4e414a35b7809d87e9466ce14997eefc026377e95b1ecb3355304e2fe332e7e857234
- SSDEEP
  
  6144:4FxxisFtIKwQi6wwGqqUh163NBDszswZt+VtGcpdvX0h:4UsFbjqUhM3nQzswZt+Vtfxm
Score

1^/10
behavioral23 behavioral24
- Target
  
  Data/Config/work_use_issue55952.txt
- Size
  
  165B
- MD5
  
  a6d8767473fc6131646148bdd488b3b4
- SHA1
  
  35ae38eb82a547d6dd3350344e83dc77d377296f
- SHA256
  
  cce99e4949e725f7cc51553e24a1f68d78f6d7260f4f8885eaf128ee30d75c73
- SHA512
  
  70f7acbec33cf93f8d345723850ab5ad4067092bd4391299c8450cd1bb1e44b4529bd3b584519b2ea7fa8677d5348150ec6699caab4fa638d238ed7272b07ea2
Score

1^/10
behavioral25 behavioral26
- Target
  
  Data/DOMCharacterData_data_error_002.phpt
- Size
  
  383B
- MD5
  
  1bce0f644543bdda362af19acb0c75cb
- SHA1
  
  f5b834eb722ee6d65acc894ff0e4d25d2d95380e
- SHA256
  
  29d3e67c522205b50518a8df035cbc669203a0fa6d093084ddcd9f028c966d41
- SHA512
  
  6c35dc8d450d4062fd1da1417a97ddfdbcee10a35748a65259c78978146205d3a80f4e773b95dc70d6e86a36ac32f41fedc9b7e8f72a6fc048437ebba1e7c93f
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Data/Microsoft.Azure.ActiveDirectory.GraphClient.dll
- Size
  
  545KB
- MD5
  
  21e96d7a25f8725d8e08c0966aeaf5f3
- SHA1
  
  537f9b5176cf3dfc11c1b3dd7fcc2a9074e6c8e9
- SHA256
  
  4cd12bc688746afe7abba4f76aba706802032d0e5b04457afa0569d524b50ea8
- SHA512
  
  0b4e24a192d01a6be6a296e41048344bb0d7f1cd23fc93ef05862f093253aef619623b52b2d0cc128fa6021ac5c2623e7d6aedc0f83568160478f65adb04d1c9
- SSDEEP
  
  6144:QcJrEPv825N81G+gHUerEls+AiIWHQoQ5tgYbfAski8xfAskzAxTaj:o8M+herGsrUwtN9j
Score

1^/10
behavioral29 behavioral30
- Target
  
  Data/MigrationService/System.Web.Extensions.Design.VisualStudio.15.0.dll
- Size
  
  187KB
- MD5
  
  8ba1e3c39fcd5f405dc1fbd904624e51
- SHA1
  
  36235632687a9f0145f8851531ed6ebd4ca8537c
- SHA256
  
  83a95d3b6444551b7bd2547ca6e5f6a5bc488e3b36087541211637201fd2b92c
- SHA512
  
  db71b76256141ec90796261ef1f4e1417adedf22f9bf1dd314243d80bbe0d0585e0a66bcea6110d94a0bac1d09138b54236e123cb02e33f6752ca8a4e296d15a
- SSDEEP
  
  768:ib7fhJUlFWUEUlyyffhlj8G3nkrtBVbh5WmgO8wQkkZ/Bl8STJsFqTEjZIdxv70t:0FQEUlxlj18VkSE8W281L7OizU
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32