lumma | e883775711e2df54fc98181d782ede135d1b5e212594fe59cb9e75be5cdfaaa6

Resubmissions

07-01-2025 23:46

250107-3sjkwswnen 10

06-01-2025 21:58

250106-1vmzzszjgs 10

Sharing

Copy URL

Twitter E-mail

General

Target

installer_1.05_36.9.zip
Size

20.8MB
Sample

250106-1vmzzszjgs
MD5

e866021c606a52158525d4f2df67a5cd
SHA1

bdb711c91b37bcf9306d53c396441eab5d0f4fbc
SHA256

e883775711e2df54fc98181d782ede135d1b5e212594fe59cb9e75be5cdfaaa6
SHA512

61432fdd6a5a7744ed37359cbe98786981fed6fc32795179267a571904323ea69c500b3c2cb5bd2c6572d34c212ed9bb1c1d9e5a73c5e27d95d8c8989ea7f569
SSDEEP

393216:NZmphOyRvFL6UdiB5nFxhmRvmJiS7+dMA/bYomtmx6YDjN1fxRS:NZmphOyRtJiBHKR+4MA/EpQvPxQ

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://siffinisherz.sbs/api

Targets

- Target
  
  installer_1.05_36.9.zip
- Size
  
  20.8MB
- MD5
  
  e866021c606a52158525d4f2df67a5cd
- SHA1
  
  bdb711c91b37bcf9306d53c396441eab5d0f4fbc
- SHA256
  
  e883775711e2df54fc98181d782ede135d1b5e212594fe59cb9e75be5cdfaaa6
- SHA512
  
  61432fdd6a5a7744ed37359cbe98786981fed6fc32795179267a571904323ea69c500b3c2cb5bd2c6572d34c212ed9bb1c1d9e5a73c5e27d95d8c8989ea7f569
- SSDEEP
  
  393216:NZmphOyRvFL6UdiB5nFxhmRvmJiS7+dMA/bYomtmx6YDjN1fxRS:NZmphOyRtJiBHKR+4MA/EpQvPxQ
Score

1^/10
behavioral1 behavioral2
- Target
  
  Read me before you start.txt
- Size
  
  1KB
- MD5
  
  1392ee9ea02404bb350ae5e982a16bd3
- SHA1
  
  0c29693b09d85220d51d80dab14f2b8d87a0cdce
- SHA256
  
  0728664c8aa5805bf9e4ef8fbe84e0833127185a5097bda12b6156a15bcb29ec
- SHA512
  
  2c41d21564fa29a3dba2c6055c46896dee98b0af35d21a2fe8369d469bdf7b10111398ee3063c47cd28da694cc0d5e37d7d1f6f494f8819b708eabafffe21cc6
Score

1^/10
behavioral3 behavioral4
- Target
  
  installer_1.05_36.9.rar
- Size
  
  17.3MB
- MD5
  
  19f6ca66f86dd36182837b1e5845e2c7
- SHA1
  
  df171122405698b7dd482a41beb1dbd614168fa4
- SHA256
  
  11874068ef0e522730f49d405fd2b66fd54bfd692217ba75b53fcfbbe628e47c
- SHA512
  
  40319a21e9e3805ec43a63b75b88018eff9e42558743b8592003560d5d21b179cba319252d5398b41d06dd1bdf56bb99db0d77160e35fd56d97b3bdc78f632b1
- SSDEEP
  
  393216:VZmphOyRvFL6UdiB5nFxhmRvmJiS7+dMA/bYo6:VZmphOyRtJiBHKR+4MA/Ev
Score

1^/10
behavioral5 behavioral6
- Target
  
  Lang/lang-1049.dll
- Size
  
  258KB
- MD5
  
  0ac98a4bfc717523e344010a42c2f4ba
- SHA1
  
  7967769ee63b28fc8bec14854a4a0a71bda6b3f2
- SHA256
  
  68546336232aa2be277711afa7c1f08ecd5fcc92cc182f90459f0c61fb39507f
- SHA512
  
  8a5f4f19c24c24a43d9d18a8935613ad6a031b8f33d582767a2407665f1ff39a403ddaeecbf4f22a58759fcd53f81f4392192ca9fa784ff098a6c995509f9547
- SSDEEP
  
  768:KNGdfE7k4pzco2V0lyurfRZBGb052Vqa9/QkHq6KT8W8LI1LWFznKM+psOKrjG5v:KNubVGu57nUQG0HZSBTjZGmDbKzu7Axc
Score

1^/10
behavioral7 behavioral8
- Target
  
  Lang/lang-1058.dll
- Size
  
  262KB
- MD5
  
  41c75e831a5571c3f72287794391a0e6
- SHA1
  
  0fe7a9a3c905d0376001a5c46edfc0000fa82bd4
- SHA256
  
  b3ad99afdaee3b9365e7a3ffcc44c2761e22a4f92dff5e5efdc52f6b08ea0105
- SHA512
  
  d3d03f3308db1862522127300127839aa44828d29622db20aea71e6a80a51247654e380d7a0126361d85774137826fc345ae368335bb1ea9c1c8995721daf432
- SSDEEP
  
  1536:yNbT+wDopP25xej01K1+KnohMEDdQPfYBRL37KCxr:gbiwo25xwKhTDd80Rp
Score

1^/10
behavioral10 behavioral9
- Target
  
  avcodec-58.dll
- Size
  
  26.1MB
- MD5
  
  d9a55aef72309f0d7d0f2d8af597c496
- SHA1
  
  ff847e2d21a315ddabf46d4bcdffa419d5f6f36b
- SHA256
  
  04b8ebc13e3efdd3d95b20ecac79c5040c02d07333f5756635dc2ba8440abee8
- SHA512
  
  009c4d703800feafc4b52aa8aef96485aa46621d7df191f0b5fc05da44ab82e27b8345931966dc0b1c36dc39f4fcd5c824c748565531b04acf8ba5834460b114
- SSDEEP
  
  393216:MZ1/9cf2VdHCsZYopFD/lqqhrhlYIRc6f6ma14htfCbuMmUznrsCa3coY0Vowg9q:Azo69
Score

1^/10
behavioral11 behavioral12
- Target
  
  installer_1.05_36.9.exe
- Size
  
  1.1MB
- MD5
  
  586c45b07a69a89813272e425388029f
- SHA1
  
  979e0ccab38b87ac3d3d4c79a6a3d9351179df26
- SHA256
  
  41fcac4067db860114a270ffadb6083647ed54bc95e43faf1fffbb23f0cf2a2b
- SHA512
  
  b83a662985d4a1165e19bbbb52e10cbaefab972f8a8a5dd65a657b32c29a5d1b69f3c588c41469340538600ecc237a369b7dfca35cca18572511f2b997d1085e
- SSDEEP
  
  24576:SGjZb7WC6n1V1ZkIppYCHKW0pPM5nhO9LI5mnx1+lEU/6Wx:3VK11Vr/ppdqWy05nkLI5mn7DUCWx
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral13 behavioral14
- Target
  
  .data
- Size
  
  512B
- MD5
  
  014871d9a00f0e0c8c2a7cd25606c453
- SHA1
  
  92d7e0d8d66861f702d867dac616b7d02bca94ec
- SHA256
  
  637a3943c555de3601588a8398252a905d18c17f9d49f750b812daa630abac68
- SHA512
  
  3f1e945759614a0e0ee05d8cc7c9d3a9f0b2954f64c173dd8f755d6b422c0b2f1f7a5c3af8aa54f3c6909de65c125e048dd8d17ee55da3989c4b2c807d83874c
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  .rdata
- Size
  
  11KB
- MD5
  
  07990aaa54c3bc638bb87a87f3fb13e3
- SHA1
  
  05985b7f60a664d2595e9406ae3b208c97597bbc
- SHA256
  
  b38b34dfbb61b5fc0659b9861f09dfdaaa743cb97bf0134e7bab66a75ddc940e
- SHA512
  
  0017dd49d85c6aa9e8351c7da60f1150cb241022664151f0d2182a7a344f46286eb9f131f75a5f1adcef57a1362689a3c40a37547acc262aba92b742c13b65ad
- SSDEEP
  
  192:wiR1IorPNhxjQFOdiq343py7JRWVS7yWymPn:9RiaPblQFdq343pwrWVaymPn
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  .reloc
- Size
  
  4KB
- MD5
  
  893c25762430990a1e811368d780dea7
- SHA1
  
  65790174622366fa0a630058c3cc4037e38d28ec
- SHA256
  
  514e14b302e8eda10c774caa5b0b2c1a06078d9c93a1f5bb09f3089124450f3d
- SHA512
  
  69f45e2388ac5b716bfb44d211c0e7449388bdf32f65176041c2dbcdc67925019dc96b6d367e6b5a21a342694ae521e744165278222eaf0178f6d786074303b6
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  .rsrc/DIALOG/105
- Size
  
  256B
- MD5
  
  3409f314895161597f3c395cc5f65525
- SHA1
  
  1a99d016d65e567f24449d9362afb6ac44006d0b
- SHA256
  
  fecdb955f8d7f1c219ff8167f90b64f3cb52e53337494577ff73c0ac1dafcd96
- SHA512
  
  f3e7394fa49325a7ea46728b77a5e819e18d63049d54c6adf36d08619709484f8bbd20206416d3c1440bd70632d99d9a45f3488482353f90aa21aa6ee3915427
Score

1^/10
behavioral21 behavioral22
- Target
  
  .rsrc/DIALOG/106
- Size
  
  284B
- MD5
  
  2d12c45dc2c029044aaff357141cb900
- SHA1
  
  083db861ab3c7db23c6257878296e73a89a74b8b
- SHA256
  
  69897c784f1491eb3024b0d52c2897196a2e245974497fda1915db5fefcf8729
- SHA512
  
  a50dcf605a914f0a6f94b3f815be159c2b729d005a25d6cc9120c4d34445cae2d0b20df3dbdc7672f316010c6a47079265548a1ed5a523896963b1a3ddf98a17
Score

1^/10
behavioral23 behavioral24
- Target
  
  .rsrc/DIALOG/111
- Size
  
  96B
- MD5
  
  6be4e1387d369cf86e68eacbdd0e81dd
- SHA1
  
  351970fe2681b9b35b5d59ad052011ed96a96e17
- SHA256
  
  85025c8556952f6a651c2468c8a0d58853b0ba482be9ad5cd3060f216540dfc0
- SHA512
  
  b81b287de73282cc5a7337559fbce5af01d1a440f04ee97c6a8e1de0c787ef38936c951b802014b841fc517fe7f2b916266dc8c35cd5de1ad0c630dc2218fa81
Score

1^/10
behavioral25 behavioral26
- Target
  
  .rsrc/GROUP_ICON/103
- Size
  
  76B
- MD5
  
  e8146f385dcb53027f49632193f6c6b1
- SHA1
  
  270ec225add112e870597fe69842ee1c497b4ed9
- SHA256
  
  d3018feafa9e1c84878f9e6e480b03d0457de5b49fb13b94f1602b63aa604b51
- SHA512
  
  b3cde6fd48a9f7f94f31ec5004322af0b7fe5797174d4f1358becc69951d9743a702c5f4c94a12d3de2c01defc2a924e8a424bf08848f443f19aa49f4db05cce
Score

1^/10
behavioral27 behavioral28
- Target
  
  .rsrc/ICON/1
- Size
  
  35KB
- MD5
  
  5198c4c7364f59c75e28acac4bfc8487
- SHA1
  
  d47362be5062e7d8a32bb79779de045d4893a54a
- SHA256
  
  7e3cfcda1bfe2adf63a27aa1751e56db32b94118a08600573ff1fde2c0bcffca
- SHA512
  
  78615968336893f41f194de5337da218ab9d547654ad70cc769cad518accd0e3897c25ebebb3e0e218c3492bc3952f01db2578feeecd6d511c241af93cfc09c6
- SSDEEP
  
  768:277gY2RYbV8SuHUCgCIHEBBgNyOq2gntmypwm2LwYqUNfqHwZRgISRc:2XgSbV8aC8ErKhlctn2UdUNfbyIS+
Score

3^/10
behavioral29 behavioral30
- Target
  
  .rsrc/ICON/2
- Size
  
  11KB
- MD5
  
  8b24604c5a6c5b22b864f249be628ccb
- SHA1
  
  ddc013d08580e2d1836fedbb8d7fe7a29e9efb9b
- SHA256
  
  2f1efb9aff45e35bf28a28b2358a09f72ee2adb3091f07a2da53646e98f1322c
- SHA512
  
  bf7357097211ceb24a750436c575da448591cd920b7df30768443538f10996ac562aca9f90a45f3559c774eb9309364fab1a0bcf0881bb48b919b7b7eb07d492
- SSDEEP
  
  192:r3Z6OPaHpR1Vr3X6MNULSSajA7qOuKBOOEiSDA8TXv8zvVnjWPuMUOhsqyUbieX:roOiHn7eMCL+sqOuYM9baBguFssVk
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32