lumma | 8322d97df1595a3363a69079de32d043e4135ce4b5c2fd77473fe95786b45966

Sharing

Copy URL

Twitter E-mail

General

Target

8322d97df1595a3363a69079de32d043e4135ce4b5c2fd77473fe95786b45966.zip
Size

9.3MB
Sample

250107-ac7cssvkev
MD5

336579343b8e5dc4c216b2d9e5cfa179
SHA1

9ca57369880f1e28c4bf9d742c615252af2b1356
SHA256

8322d97df1595a3363a69079de32d043e4135ce4b5c2fd77473fe95786b45966
SHA512

12f4b1999b36af93d88c690793d09059dbdabf7eeda57adef9023210c8adee5bdd08f637b8fe44c1c8691b0396a486d4de43e2b68cba8c7d366fdda971cd7958
SSDEEP

196608:E9noXiUKrIC4WRIsMj+csK9gh6BkfMTMV6dNC2v+sgSaD7zz3D3XrTkOlnGExWWL:Iopg45mcrClUMgd0WZEkOdxWq

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

- Target
  
  Solara-Roblox-Executor-v3/Solara-Roblox-Executor-v3.exe
- Size
  
  385KB
- MD5
  
  c8136ad13d22de44c8aa39fc3e379f72
- SHA1
  
  6ad65575b83d03bba988069e2a0b55f8d9baf12a
- SHA256
  
  da375b9441958669ff23c639cbb8b994566d730ecf882b00d8d5394348325683
- SHA512
  
  bd2c7dda9545029006903091f3f269d6ce07f2a7b956fdc835c5e087c77c7a2496fad9addb20df27ea3e3ad2b405f0e0e5d4915a9775fda99879460701544518
- SSDEEP
  
  12288:l4Ct4y2btPLyZP7NItFdFPvtcJqEoDrDEO:SQ4pdLyFNItLFXkqEo/Dt
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Solara-Roblox-Executor-v3/UnityEngine.CoreModule.dll
- Size
  
  668KB
- MD5
  
  afcc17c83eba3e1bbb4b40aa0329fe82
- SHA1
  
  e67187c59225c97f7e378afe1fed5a66a9f44912
- SHA256
  
  64094b50fcd0d8f41b69ea6441f81fdb8b030ca1b18cbb787fac331937345de8
- SHA512
  
  5ace8a294a1d19bccb25b6c6ddc7750285f831b7501914603fb253ce1f01e2f804f6e8264bf652990957d77c59b1db42ec813f4e38d7c0545ccb3c3c3145c279
- SSDEEP
  
  12288:HFimNUO3Dn5bhYoMvbQARCFtrCOyRy5t:HFiuLltYoMvb9RCFtrCO+ot
Score

1^/10
behavioral3 behavioral4
- Target
  
  Solara-Roblox-Executor-v3/platforms/qminimal.dll
- Size
  
  39KB
- MD5
  
  0d11c7345f45db606fd043769f61711e
- SHA1
  
  4bddd97e0d7cf4d21d9fc1788edd4a446e707e2a
- SHA256
  
  5449a31e65aa25d817d746dc3e8820a0048ac3dd4ba7ec4e9124ad9c680f0ab2
- SHA512
  
  307bc38d65fe24193bc92fa6084beb835d4a9d4b220fdb1a89db435842ad9960c5d4ac2b632cc4db4bc3f54d3ab2f75401cb18a25be19cee8d69df61bbee1134
- SSDEEP
  
  384:fyZhNQ6oxJLGBMrrIbwZLWyfxDdjlXqDoF59unYPL4f6tUHeMo:IhQxxMMbl/5oTyH
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Solara-Roblox-Executor-v3/platforms/qoffscreen.dll
- Size
  
  569KB
- MD5
  
  a8e0bb1dbed14a8e1b45629f99c42307
- SHA1
  
  d8d473dfc3c4fa8563b99c78de8bc8c9496f0af3
- SHA256
  
  92b6fc0f4e5f3f25170a12ccfb6dfa6943b28f5e86f5619ae383804404bdcd81
- SHA512
  
  99e6a2ecc824b7c2356dcd9646d6409639ad64207d019f228dba3155a24660182ebcfc3a6292eb58dcfeb2b4db5152f1f6cf74ab9d118bde292d01cacb8fc9fd
- SSDEEP
  
  12288:NpMU4V5G96KiPBSTs4cq3asQ2LgAN4I7b9+u:Lf4DG96K8BSTs4cq3JcjW9D
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Solara-Roblox-Executor-v3/platforms/qwindows.dll
- Size
  
  1.2MB
- MD5
  
  b2af81698f607061986109b4a9004819
- SHA1
  
  36a789f49738de6a10bfe82a282ee7e5fefd396b
- SHA256
  
  4d1eaf41136ac3faefb76f5cf2efe8e7f8a11fd6a943a8b11f2f2a8be5cfe19b
- SHA512
  
  1786885032c3a7f4b4d6624dc0f1365322619f6ed92417a8671fe0a36e20016e677f254da0909395a5b4d0f4c3403072eed8c1471dc3b729cb2d687c4f78b6c4
- SSDEEP
  
  24576:JDpg2QmODTJROAxb4KHA2N8L+0C+6eCKMY3EEsBIzdCGvpzdZRE:UhwJN2NSC/glTE
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Solara-Roblox-Executor-v3/playlistformats/qtmultimedia_m3u.dll
- Size
  
  28KB
- MD5
  
  ef5291d51807167542bac67168d712fa
- SHA1
  
  58abbbd638afc71479b846998f601ed2fa912a78
- SHA256
  
  de588a423926b9943737e16799048a97160dfa83e4d46ff9b2278fea1df11d9e
- SHA512
  
  8a7aa886fb9257d7a245890852c3d0cf6dc5360f57f8ba1e4269b28807594cf040d192b8b0b2616b8400c6276bf117bba634f522e179cf0d4511054dadaa7dc1
- SSDEEP
  
  384:TWOC4NFPb0hOBHXjPL3VQ7i17hAXuXWwsP28ondDGWDgf2hyp:aKHB7LK74hXWwsP28mdDGWUf2hM
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Solara-Roblox-Executor-v3/sqldrivers/qsqlite.dll
- Size
  
  1.1MB
- MD5
  
  38f346032989021cc7024cfd4e108377
- SHA1
  
  a35817aa25c114f75ddc46581f814b556bd7a556
- SHA256
  
  782a28b30ea82c38a5ade1ce73f489c7a8b2156b0c4f3e03b57263322667b148
- SHA512
  
  fe130cdf7e086a7fe5100c15ecdf511f52a636f0176894f3ade6969dea604d9f372d5b256f19f5e267cafad4c567a5d3d21e91134da0bb974f0b798bdae65bbe
- SSDEEP
  
  24576:Z1wLAPlRp06zGz+uhVzS0r+QyHvunAoqzgyBZJDdLIIzhV9IZpsR:8Lmp06Epx+jUg0yBJ5hYA
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Solara-Roblox-Executor-v3/sqldrivers/qsqlodbc.dll
- Size
  
  72KB
- MD5
  
  340b067fbbc32574ea14b8018da69797
- SHA1
  
  11abd4cad1ea51d24791df3501dc1de766adfaf0
- SHA256
  
  001eff38874f7526fb4cea4b0b28215b55b321ec8c116f2e175bbd604706669d
- SHA512
  
  fdc90e74561fb1f48a0e72a6fe41bf3c9162b93845bf56c47c94da4281a1645ad0e18987b47b05f7aaa712e06bfdf4825e974cf6a6b8ca5aa18b3aaac31c841a
- SSDEEP
  
  768:KKQfNPFNCQLwRebhZKHbFXmAFooXT/+SN6QSFf50pdwvnS0NdpaOyxliHPs/MJIi:kftBhMsJfpHAOlHB8GwOON+hFhUv0Ufm
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Solara-Roblox-Executor-v3/sqldrivers/qsqlpsql.dll
- Size
  
  65KB
- MD5
  
  735da13e49f415ad9e65c6fc4727158b
- SHA1
  
  4e8a5858e94fc477d64ca6b051e0f1194563e9ad
- SHA256
  
  ce22924e026cd34068e9aab334e1deddacc80cfd7c9d80426193540875396362
- SHA512
  
  dc3f18440ac7ca6a018a6630b24a7f24e64c5c98e0b30d986b7b70d1541c9f8a4e30024244b8f06e454aa306256406042623554d4599f02166a92db662756857
- SSDEEP
  
  768:4Kbsu6DyAbiaEGVtmDwYz9mv+VI3QC2uXAydDKtAV/a1atAFlLKcENwXRQhkdDGy:AXE4BIC2uXAydQHKcENwXRQhk0UfV
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Solara-Roblox-Executor-v3/styles/qwindowsvistastyle.dll
- Size
  
  129KB
- MD5
  
  53af56ea898bb82775fdd0f940c429d2
- SHA1
  
  5675fd1243ea87e59256b05e5a7c6c64298312ea
- SHA256
  
  547606fc8a6b20a2616a4f390c6cf0e7aa713f6ad53bae23c8d1b021885aab0e
- SHA512
  
  401f9b346a3da18e750cf26cc05e1013ec8446955344d0e353012abdcb4af4e836515531b1bef4c2fa5a07ec5b41a9cd74c68e39b977e43f9ad1a06ac32fa27e
- SSDEEP
  
  3072:Ef08LJXP50EuapXuJWd62ymc7xliHCTBIm2/40mwr6D5RXffv3xf6D:ufFRQLTBImI40mwr6D5RXffv3p6D
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Solara-Roblox-Executor-v3/vulkan-1.dll
- Size
  
  701KB
- MD5
  
  324aff6c3eb09b8975a40c3bfbab2e64
- SHA1
  
  b62fdf842d454c0f84b50f1b31d7687f7500f852
- SHA256
  
  4d18b4ce03de6fe581f5f003365b39ac1e71d9b7497fc787edf23a7f45361052
- SHA512
  
  a70aafa86bd38f913030db29885cf498c67c6997574621abe039c9f314586236c184877b7c3f64e3f47f83dab6cf289009baa2c19aa67d338528c007ffa2f891
- SSDEEP
  
  12288:VFrle+vw96/DrdEeQAnLwNqrySu9Ix089QQoSNxMlrG:VFrleH8/XkAnys08lwr
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22