lumma | 8e5da28578d68378327458e2ec53a7b92b0cf3b160a2dad1515790b5095ff90c

Sharing

Copy URL

Twitter E-mail

General

Target

8e5da28578d68378327458e2ec53a7b92b0cf3b160a2dad1515790b5095ff90c.zip
Size

37.3MB
Sample

250105-cwat2szqhr
MD5

adc5c93214ba0dded263602b7bed227e
SHA1

adec18e32eeab9bbaeba9aba5dacf7aaad41ab86
SHA256

8e5da28578d68378327458e2ec53a7b92b0cf3b160a2dad1515790b5095ff90c
SHA512

0f2e349aeadf7550031c18c3457d07e4ac68062936cf0521e676d6452acc7bbe448323788881f635394013b0879f340bdb5f55b038d35b48f0742b9e5fd69f74
SSDEEP

786432:v6kzE46kzEf6kzEm6kzE96kzEU6kzE76kzEi6kzE56kzEs:v6k16k+6k36kQ6k56ki6k76kU6kF

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  PASS-1234.exe
- Size
  
  526KB
- MD5
  
  e2567466f88e3da8bd430a7fd6bbf229
- SHA1
  
  3269a6517fa157a962051024d8e46e6655740035
- SHA256
  
  aa4f774f707fcec31895672d4c6845761d57006adf73342ae9739c37b4c9c597
- SHA512
  
  92d1cace941d468d65cf7dda4a906697e82fefe2e03770a90f473c8a4e6f325f554fcc006c784fdb5b7e663f26d90de53e843cf12a1a90e6f7013a22fdec8313
- SSDEEP
  
  12288:rztE0u86qlmk/H22C/yAKINWwvJs1RtjGwPFgOktyuLhcb:rO0uYlmsHUIvwRsHtjdu9cb
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  libbry/libb1.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral3 behavioral4
- Target
  
  libbry/libb2.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral5 behavioral6
- Target
  
  libbry/libb3.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral7 behavioral8
- Target
  
  libbry/libb4.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral10 behavioral9
- Target
  
  libbry/libb5.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral11 behavioral12
- Target
  
  libbry/libb6.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral13 behavioral14
- Target
  
  libbry/libb7.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral15 behavioral16
- Target
  
  libbry/libb8.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral17 behavioral18
- Target
  
  libbry/libb9.dll
- Size
  
  21.2MB
- MD5
  
  d048a16cf471fca67d6805385a2488b1
- SHA1
  
  3385cd047d14909ccfc0f28d552c2301272e0af7
- SHA256
  
  f00a35a9725ab3ba68cf340c547e88e8916adc5c2e8c9220d0a76f0f83ff14e5
- SHA512
  
  1249f917a600a7abaeb88e2efba9583f840bb39c769aa481b991eea40567a286c831749f7950ead4f83d4b6407209a517303a5e8ce7c3830882ff6627a189ddc
- SSDEEP
  
  98304:EIGaJcU/8bAfda/bYLc8UoWoxEXtpdQnsQX8beePZUjBTnTQoW01E/tpq4xFfgSM:vG8ZztgesX8
Score

1^/10
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20