General

  • Target

    Loader.zip

  • Size

    356KB

  • Sample

    250105-bxdfwsyneq

  • MD5

    9cdb64fc1bf6d4703410b2acccc3850c

  • SHA1

    398b3598206a36bb455535a8ef753f581d78f8a2

  • SHA256

    54c847c93bcc25fbb25d341063a1e83d90382a709222915dd2b1b9b972f8919e

  • SHA512

    213a2ee4e8d33076c2856df7d2fa976488c57c15d2b5975acd64baaa8a1cea57abd068dde44eec662162e4715aedcb5ac3c288b0864c9345792c763192ba43cc

  • SSDEEP

    6144:84pU5md/QmMJMXGS251HyEEhA26eaTQFPrzjv7iQZpfonR0ehSHpHh:8r5y/pXoXyEx26eaUFjzyQZpi0eYHpHh

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://hummskitnj.buzz/api

https://cashfuzysao.buzz/api

https://appliacnesot.buzz/api

https://screwamusresz.buzz/api

https://inherineau.buzz/api

https://scentniej.buzz/api

https://rebuildeso.buzz/api

https://prisonyfork.buzz/api

https://ingreem-eilish.biz/api

Targets

    • Target

      Loader.zip

    • Size

      356KB

    • MD5

      9cdb64fc1bf6d4703410b2acccc3850c

    • SHA1

      398b3598206a36bb455535a8ef753f581d78f8a2

    • SHA256

      54c847c93bcc25fbb25d341063a1e83d90382a709222915dd2b1b9b972f8919e

    • SHA512

      213a2ee4e8d33076c2856df7d2fa976488c57c15d2b5975acd64baaa8a1cea57abd068dde44eec662162e4715aedcb5ac3c288b0864c9345792c763192ba43cc

    • SSDEEP

      6144:84pU5md/QmMJMXGS251HyEEhA26eaTQFPrzjv7iQZpfonR0ehSHpHh:8r5y/pXoXyEx26eaUFjzyQZpi0eYHpHh

    Score
    1/10

    • Target

      Loader/Loader.exe

    • Size

      646KB

    • MD5

      2ec18b257662dd107ae84263ecd2e5c1

    • SHA1

      ce2efa8394c35b8da16428b10ece4a856c53dd1f

    • SHA256

      539f0617a85a7a0773cf9e36d803c1a8ddf5c69dc003c80c1f3afac147b47554

    • SHA512

      6cf6f83dbaca7f218f6add89de942bc6a8d83fef9ccbbb3f3ef3c03bba4233a25b18f1bc392da27b37b88bb649fecc7c05ed28a9dcf849de957103f03fa63342

    • SSDEEP

      12288:xI6tpbrZqB16QBXv9trocVyiBFAMyhZVUEz4Pjt/ax7OA2:xIMH6JjocVy+yhZVUEz4PAx7O

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      Loader/dmxmlhelputils.dll

    • Size

      259B

    • MD5

      9abd95d760a752257bcb7f5ee3c14008

    • SHA1

      29c4a0b474ef189b2f6a267d560b103ab5f4b323

    • SHA256

      d9050e97477cfe7be44992a505c2cdad8f0f43a3c0bf0e1e1a3d1f175d92ac51

    • SHA512

      f39a345e695d42d81a35b71923da8dd1907a0c48da24f580a102600fb72bcf259ee817414e736d67b0f1196dae0610a00926b1aa94640171e6f5cf09b6830da7

    Score
    1/10

    • Target

      Loader/likodi/NotificationController.dll.mui

    • Size

      4KB

    • MD5

      5a940db75a80c7571cc221cf3870ef78

    • SHA1

      203ac94c768a8916ce70f6db7ada481185c06eaf

    • SHA256

      d3e15411a49c52b69d00ea4c32a3eba6eadb26da7b7f294e90c75aa7d33f210f

    • SHA512

      ec639abf80a633f3fa1a848d2236ca8cf28d45a5a0af85df6c3273f05fcb6db2fe6afbc057761c07234ca3f9b619866697dd357d155ab5df8e1687267ecc7099

    Score
    1/10

    • Target

      Loader/likodi/SmiEngine.dll.mui

    • Size

      169B

    • MD5

      a0db1f60834e4cc834d87ce05449e86d

    • SHA1

      5ad5350876f587ad738c6337aadcca27933d9fc4

    • SHA256

      0d8f35e8bdb5d7b9e705745c3d53e5ad009af47ecec5d05c73ae7196e2944ca2

    • SHA512

      630acfbae48e16210b61b05dae1b494d7afaaf9977a5367e6f7bf157b731ea67707012b8eb0ad56fa5b5b24c6ade610b10ddd1a96d240ea71487fe1ef8caf4ac

    Score
    3/10

    • Target

      Loader/likodi/netid.dll.mui

    • Size

      366B

    • MD5

      cd2e3b8d8a457c5dc46b32e22aa6f85f

    • SHA1

      b71a3f79c55dc591e9594b2ad53b6610d84c4b3a

    • SHA256

      780a4f435e71ec9644ad58e83d6064471f045908fc616405ab7a39ad4d1356ce

    • SHA512

      d307363dc65f277ee937915a508c418abfa7c7bf0ab49fff5463fe6c901c5f65dc27e13df0cc3628a9a3796fb93d127dc3125612b4f0b7c0e6f9506fad495dae

    Score
    3/10

    • Target

      Loader/likodi/wfascim.dll.mui

    • Size

      1KB

    • MD5

      6dd6dcef7b35588fe7f1eb40f6eb3027

    • SHA1

      99d107866231bd3eeeab1ebbb4d01faf8151fa69

    • SHA256

      329dfd52a5c9e01ea98625662241fccc11e5f49074cfa7e429b6426245fc4bd5

    • SHA512

      3ab0608e7e9167ba6c6fc1f5fe2d3d9733e2b089e585194eb479a35173bfb34bca1953f9fa35b8838dc14d5785964b041989dea8907c29b1ddec8354d7865edf

    Score
    3/10

    • Target

      Loader/mqutil.dll.mui

    • Size

      1KB

    • MD5

      cb3a5f54d475674a55d0a326a1cb1124

    • SHA1

      7a7a817f76a27e1529c617bdb96fd06325d6c873

    • SHA256

      5a23c3e2186af35842be09ed51b3e073685b0c812e2ce671f084b38f5e894751

    • SHA512

      88f1c72aacd2e7c1d0086abb27116fb10acdf2052408589914794d88e0f738859df82c2a6f93222ebcf62e71dc390756b1ecf3362008a96ba3acf6c63ddde083

    Score
    3/10

    • Target

      Loader/samlib.dll

    • Size

      9KB

    • MD5

      f3078d7cbe7d330f06c51dc177f58e6f

    • SHA1

      bb191e939d938b6fd9145473b4fb16cd48e33595

    • SHA256

      83b293af5ae8fa2f226dc86c4b9aeb5f6af41880eb72c55c895c2ab445b0bbd9

    • SHA512

      1749bbc37baa46aa95a883029ac52a366fbbe26963ac38e34dc5f6eca150a6a6158f8657543d4ecef59dae3570180bf472c981b1473c98be9c570b42aab0e897

    • SSDEEP

      192:xxoFkSrGiZ3P621D3xjzAS9CNnGhk8YGCPQp+7FTQgl7OQHQF2T:xxofVZ3T9jkS9ClwkvGsDppl3wET

    Score
    1/10

    • Target

      Loader/wdi.dll

    • Size

      86KB

    • MD5

      7d326b235ab064ff70376f1d015cc084

    • SHA1

      3b394e93ef206d30fafbf3202a5a63a4b6667580

    • SHA256

      404dda0bdf9a6c1c61653cf7e965f504b3a3a3b662f88c906aaa19a9c3df160c

    • SHA512

      f33face04507edd462b40dfd0771da3f241374c99fc956def9678a05c15bf5f8c945579006ab250646120a7f983fe4a57b55c93bdf921142f6464bc74fee2347

    • SSDEEP

      1536:2xg+XurUE+dlamMsyhirFoNZ5MtDPQEInpF6qbTyuVKiRoTnd5Zatd2nZXBjVym4:2x5XXdMTsyhirFoNZ5MtDIBpFtvLASoy

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks