lumma | bc845ab964ef0e15f09dc27adc16edb3381e9aac924d5787ef0046dbe62347d0

Resubmissions

06-01-2025 08:53

250106-ktfaravkfl 5

06-01-2025 08:49

250106-kreansskgv 10

Sharing

Copy URL

Twitter E-mail

General

Target

#Pa$$w0rD__6654--0peɴ_Set-Up#$.zip
Size

7.5MB
Sample

250106-kreansskgv
MD5

b82b154592009655f2431f3c3e8537c2
SHA1

14a1e65bb14a1c3374b092403fae84514440465c
SHA256

bc845ab964ef0e15f09dc27adc16edb3381e9aac924d5787ef0046dbe62347d0
SHA512

c6cd3afe1cb5888a96ba0dad7e12f359a8cfeb54a36edbfe3b46784174786a1f9db0cb6c6a219839c011779e619609a766bd5ee1de45ec716299dfeffbec873a
SSDEEP

196608:jzsg208CQPnTFcwHHXWAF2zVmSEno4zx8:Mb0srHHXWAUs1e

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  #Pa$$w0rD__6654--0peɴ_Set-Up#$.zip
- Size
  
  7.5MB
- MD5
  
  b82b154592009655f2431f3c3e8537c2
- SHA1
  
  14a1e65bb14a1c3374b092403fae84514440465c
- SHA256
  
  bc845ab964ef0e15f09dc27adc16edb3381e9aac924d5787ef0046dbe62347d0
- SHA512
  
  c6cd3afe1cb5888a96ba0dad7e12f359a8cfeb54a36edbfe3b46784174786a1f9db0cb6c6a219839c011779e619609a766bd5ee1de45ec716299dfeffbec873a
- SSDEEP
  
  196608:jzsg208CQPnTFcwHHXWAF2zVmSEno4zx8:Mb0srHHXWAUs1e
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  #Pa$$w0rD__6654--0peɴ_Set-Up#$.7z
- Size
  
  7.5MB
- MD5
  
  e2e4aa08af81749382abd08bdae9d5ad
- SHA1
  
  3310da15547d8bd20376399e4a5ac9543721500a
- SHA256
  
  b5dd13a6ac780c83b108281abc9b05ab60901556770fca27e0074243449d5b12
- SHA512
  
  96155e7076929f18205804a957a10e72e72717e1cf778a2c9e68ebff34773eafbeb0ae56a5d08e2d0d0ef979f8af9861fc9d976c26235ca4314e277a4ead3d0d
- SSDEEP
  
  196608:Pzsg208CQPnTFcwHHXWAF2zVmSEno4zxg:Yb0srHHXWAUs1u
Score

1^/10
behavioral3 behavioral4
- Target
  
  Resources/Data/x64/r4_groupH_simple_rpcenc_017w.phpt
- Size
  
  1KB
- MD5
  
  c9ff7b8b28e4f6f1960cb2250a51b4e9
- SHA1
  
  4b7236cb5d51ea64907c85c2520e7d58de500852
- SHA256
  
  19566e8db5d6df0af3b0db04c081c8755d51287d6cf037ea76daa149719594a7
- SHA512
  
  ae8687155ae836cc2a8085e784e153b992d81063db662224497ee2f4c4999446fbfa79d34f59410ab69f7c469ea28530fc1e1251e480d3af5f528c8cb9f9aaf2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Resources/Data/x64/schema041.phpt
- Size
  
  1KB
- MD5
  
  5f51b9a1581bb2f88ae0600b136b25df
- SHA1
  
  248d71b7eec2d96849750c2a624a61cbfa69e046
- SHA256
  
  cf261ac81f1aeff1f9a4cb5f729f842cbe558643b87082e1d9cdd6d72bf5bf47
- SHA512
  
  55cc81f3d20301bed713cd07b37aebaf29d715ced332a310c0d3d154b3501af7515e4c3c0497e0d666fd339256f48aa5f2d6e376f2a9b1eee433a1c869d18b62
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Resources/Data/x64/ssa_bug_008.phpt
- Size
  
  199B
- MD5
  
  aa3651726cfcc4dbfb8cf13e42772fa6
- SHA1
  
  5f50a4acc05d143986a939b779a0295046346c3f
- SHA256
  
  927c6df5510e71d59ca45743f397583b30c3a0eb79e9ae70c6f176d86e5ae3ff
- SHA512
  
  b303f9971d8a263723b6f8e087c53b8767e8d73a40e0e754a619cec032fbb01ecc4c5ad08381bcf4bbf0dde32392feb4d8ac6b6a2f321f01223c8327cf04e94d
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Resources/Data/x64/template_cloning.phpt
- Size
  
  348B
- MD5
  
  86f88ce67edf11ec07843b2ece52c3d1
- SHA1
  
  d2da9ea58c174a33c326eacf7eae0d8e3b5e5cd2
- SHA256
  
  ea323f40cc23b4122a25b13dc4820b4f254d65d19ccfee7c2e3eb2e0d7d1e27e
- SHA512
  
  2b1dab3d31469ce90452eb00171ff8a07546853c4e249cc62a0897591d89160d8fcbf72335b87d8384b5b1a503718116b40764f64457cd0fe08be33f169d190d
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Resources/Data/x64/try_multicatch_007.phpt
- Size
  
  398B
- MD5
  
  0ae10b5a262b1c585840c27f230af9b1
- SHA1
  
  5f22a8a97b3b18d64e6df22bda76e7290529c9ea
- SHA256
  
  477b23e295bb09960cca04b676853c2038fd93e5ba87f92ec17ef632192e557e
- SHA512
  
  66ee8074e136ce73c742894d69cc546515dfe67075227dd6069011638e6514bcbf74dccd6c374345f25860cb13c8e065683ed0535ace94fc43055f339ec13999
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Resources/Data/x64/x86/T33.phpt
- Size
  
  670B
- MD5
  
  ec3a7b53d44a86fbb688725cc780f046
- SHA1
  
  20a1d35ad33198238606ecd259e1de4d9eeb8bc8
- SHA256
  
  999f4fd02fbbef0f37d09884542a67e518bc73c0fa7248ffb374e01c4a630dae
- SHA512
  
  125274408ff309c03c89e84c8dbcf14ff55beb23550c3ea1754d976ed286e1b874c7453cd3dcfe186e8b1a7e6e867c68c010b7f551bf2cb03ea90a1a9c6a45a7
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Resources/Data/x64/x86/bug64007.phpt
- Size
  
  747B
- MD5
  
  752feede3f76f05f53a8910b1d018d42
- SHA1
  
  0f940b348732686948502c88e3f1f42ae74479f5
- SHA256
  
  83edaaca206481ff1fb220e0aaf602804ae1e788ded802763575db25d9a82149
- SHA512
  
  2751868e2455ab1a1be6475b512e136c38ad91bcca38f916bbcf7b74a477e34e081a508a6ed3c6dc327f6c8ef51de9222953a009fa56f591850602e6cec4aad2
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Resources/Data/x64/x86/bug72094.phpt
- Size
  
  3KB
- MD5
  
  fbfa8f624c863cc13e663776bba2a034
- SHA1
  
  ca21423a52cce85343d6118b6fda74fd370677ba
- SHA256
  
  cf0c576b884c43e675c267d9d33085c61fad3385fcff8884e5b936c55a8fa89a
- SHA512
  
  baf451e52a450c71020434999bf3692cdaa39da1003e50c78b986edd81ee846a4b27df8b1a89466ab7422b4e7d68608efbf3efbfbb356d3f79f0e2742a2545af
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Resources/Data/x64/x86/foreachLoop.001.phpt
- Size
  
  956B
- MD5
  
  4ffedada6d444499fc98e583e3410b9a
- SHA1
  
  0386f5a0b203155fa55296a22c262227a2be934a
- SHA256
  
  760e7a3ee7e203a655ababc23eed823615276aa44e0e91049fb49d0474243ecf
- SHA512
  
  1ba61b7b722661d5114cab21b3c24e8347c34a9fc8431625831584632dadcb524deb9422eceecc6853c9126eab5fb8c3934bcdfe77bc43fe9ca956132f0a2127
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Resources/Data/x64/x86/fpm_scoreboard.h
- Size
  
  3KB
- MD5
  
  604bbea166975472c09ca3ecaeb2ed91
- SHA1
  
  be0587b54393050203692c5236eab204e82ab6ac
- SHA256
  
  cc2aeed6f2e108f12d47d1409c6fcf53b6749534e435ef8622234335f3c21558
- SHA512
  
  c5a4b221ba4591812c4fd02eab6bbb5db78ca90cdd779b76ba70f4efbb1c650ed9b6fee91c8ac883b6c4f98bdf62735131717c6eaa5f1c608953020953c9528e
Score

3^/10
behavioral23 behavioral24
- Target
  
  Resources/Data/x64/x86/frontcontroller16.phpt
- Size
  
  333B
- MD5
  
  735862d12e87a717124d1662c7b53e3c
- SHA1
  
  492507a6557571f85e0a72319b38bf455b4193b2
- SHA256
  
  def0241a62a41e3a671941a372b9c9001787a23e5c98b780d8f16f6d2ffa2aa7
- SHA512
  
  90ab2d40ca74e68e36fb01360d5d3927c5c184fb399497bc54b98e9dae0f13e6e793dcc67f62e973d8a554da25ff87ebefc42ed1d0847a0fbd4f66e5696214e6
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Resources/Data/x64/x86/gh12908.phpt
- Size
  
  415B
- MD5
  
  4998a6abb46382400e471e439de31b1c
- SHA1
  
  8edd55d7e769d1973f36390fe9f388d742169988
- SHA256
  
  5697a796e2a739fc911294efd076d946a52f25804b37d7392a8dc1a9324d2848
- SHA512
  
  bae8321ed53f7a514b2f93e322b4546d668f496197775e85b8222b3256e7df12145ebe5ef5c67d009dcbee156933a592984627c19f8ab3916bf4b3640376ab19
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Resources/Data/x64/x86/gh13991.phpt
- Size
  
  395B
- MD5
  
  a94a76b71c726c0d3e3fcd114f87b27e
- SHA1
  
  8c7407bb9991dbc57ee6a4f11e772e6a853dd5f9
- SHA256
  
  267f8be6fb2fac6be1175de4510b4a86b10ebac05ef2efba0a49d40fd03a1d3d
- SHA512
  
  0d06791c3dec37203134be131e4af6bb3d117851a4423ecc604ff9c7e3bee62bff46680d74e00add90c634b0fd4753ef0ec948abd0d15432e0e88ddb950e1050
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Resources/Data/x64/x86/htwj
- Size
  
  2.4MB
- MD5
  
  ceea78710c5247be6a4dda72a209f3d5
- SHA1
  
  92d6cc42c820df8fee42748e1f778d3265cf582a
- SHA256
  
  6bf12cad0c848c4ff37152c30d263188d07da8c5f17dac4f49c2ba0691221add
- SHA512
  
  e2164edb3eee4bbf97aca6da81b1d2cb7b35bd2569d72c8f0a9fdf42738ae83100a399c7c831229706d857a4d4adbd5ea5cf1ab50b7c0feb43954bb9a7f44471
- SSDEEP
  
  49152:0oW77h3ZeJJ1ubXvArL/wmKYXV78GOWF9xY3IEAWF:jsZeJJcvzmdl7vO4E3I9WF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32