lumma | 72ae92fac3b3feaae850bd3310e21f483cd20bc7db4d8d1d3dd7b14c97dbf9ec

Sharing

Copy URL

Twitter E-mail

General

Target

72ae92fac3b3feaae850bd3310e21f483cd20bc7db4d8d1d3dd7b14c97dbf9ec.zip
Size

8.0MB
Sample

250107-aceb1strbv
MD5

7a2ae23a4442f080a4e5036e922b950d
SHA1

bac7e3b69e2c11dbd625ea05f345457db2ba1426
SHA256

72ae92fac3b3feaae850bd3310e21f483cd20bc7db4d8d1d3dd7b14c97dbf9ec
SHA512

be6b93bd6e7f13b518274bb9cee464eaab0195a1d60590ed9061035ce0dc16769c3da24af9e8e4697c7c240f89dbe742c947264d8d962e609dbd25834692affb
SSDEEP

196608:17aMcLBSbWkReU5XHFlyGb7Cz0Zv29rCrQFoYgL:ZcLBEReU5Xvb7vZuN+QqYgL

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  Crosshair-X-main/CrosshairX.exe
- Size
  
  361KB
- MD5
  
  abc548042b37a0a33b19399d4500147d
- SHA1
  
  377cdc70e55aac4a4272030b6f52e4a4c62d8d5d
- SHA256
  
  cb5d9e88d311fffd94b7811a4e7b81c3009bf66fb2b8c554e13529da24e9cf0e
- SHA512
  
  bc6b60785ba94d0107646b42aa2f1eea747b461ed79529d9bfa0abc0e852a1d5199e624a99b0fe148923437215d0b49e4530f2c5017caf04d441fbb4e0905da0
- SSDEEP
  
  6144:ZTPOsgo5qJgKjOfDDBrwHJAtlsGMpZh7exUG0Gv0JYlCaLkmJ3/n2b:ZPOi8go6BrwSMpZg+GBv0JYlCahJ34
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Crosshair-X-main/D3Dcompiler_47.dll
- Size
  
  3.3MB
- MD5
  
  e6945cceefc0a122833576a5fc5f88f4
- SHA1
  
  2a2f4ed006ba691f28fda1e6b8c66a94b53efe9d
- SHA256
  
  fb8d0049f5dd5858c3b1da4836fb4b77d97b72d67ad951edb48f1a3e087ec2b1
- SHA512
  
  32d32675f9c5778c01044251abed80f46726a8b5015a3d7b22bbe503954551a59848dacfe730f00e1cd2c183e7ccccb2049cde3bc32c6538ff9eb2763392b8c9
- SSDEEP
  
  49152:0yZ9lnpmVm/w+EwVOmufvkQS8MH2J9CqS5Sqr88pPWW5KhQYPsXqUiQt:F9fWAwVBC8MH2JNSF8+YPsXqUTt
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Crosshair-X-main/Qt5Core.dll
- Size
  
  4.5MB
- MD5
  
  b4f2c1be9ac448fdbb6833b0fba3bb75
- SHA1
  
  e34496261619f6dc70efd08b0f3c9c73b3dfee50
- SHA256
  
  7ab15d298cdd7185f2cceae2613715c54a54861fa788bb2de3d152eceb484288
- SHA512
  
  be478f77214590ffe6360ee4b9e3c20e45d5281973cfbd502674dbdfb5afe62ec9b0ae06418f4523dd73fa4573d92c52100cf5c3b730ae1bc8ff3f34d8e1860f
- SSDEEP
  
  98304:0dS/SBS/PayG3fVkp9PJsv6tWKFdu9CPDB:/wfVUPJsv6tWKFdu9CPN
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Crosshair-X-main/Qt5Gui.dll
- Size
  
  4.8MB
- MD5
  
  d9b78f4b2f8f393c8854c7cc95eae5d8
- SHA1
  
  8d648e7bda5b6bf7b02041189b9823fe8d4689e5
- SHA256
  
  55faebb8f5e28cde50f561bbd2638db7edcfd26e7ee7b975e0049b113145ae38
- SHA512
  
  6e76b524a56cc9bb5ae4beeedd41a48c35cf03c730752da3cae49862cb7bc3c17283099c39787f5933c1771eca7c2e651d92b961de7f43813f026eb295c90c81
- SSDEEP
  
  49152:PcLeg66Ry8jdAYbppzo7Tzj1/JrRbkwW6Ydzzr3YCWizxCqDRkU9i4g1/JAyn:kLrBpr1o7bRyfdzzxz0NTA4
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Crosshair-X-main/Qt5Network.dll
- Size
  
  840KB
- MD5
  
  0fdda3a8c8be28993b156b24b300ccdf
- SHA1
  
  57fe6cfd0b28708d23ae560675d4c462127722c8
- SHA256
  
  335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1
- SHA512
  
  4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453
- SSDEEP
  
  12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Crosshair-X-main/Qt5Svg.dll
- Size
  
  253KB
- MD5
  
  06cc5d18a496520e05bcfee1e3169535
- SHA1
  
  98ba5d0ed52499a845038c3b4bcba356b9339f11
- SHA256
  
  ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360
- SHA512
  
  154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe
- SSDEEP
  
  6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Crosshair-X-main/Qt5Widgets.dll
- Size
  
  4.3MB
- MD5
  
  f697ffc85fb86d72654c4f5ba4e1bdc2
- SHA1
  
  670657f598d408ab232dec75be6fc7983bc5ce4b
- SHA256
  
  400fa69aa8803f6c3a6f9a5fc956475d0396095c4b6d4665b7aa29bbcb8e3640
- SHA512
  
  47513892c22a193c51ecf09c8f3e4c4271a92be33b7b7d535290ea75a1498c5531881a26a85dbf758361e6892abf12a796f1c5c284a34f1d173d61d2012325b7
- SSDEEP
  
  49152:Zhk8cs4FhK1FKBxR8Lcdm0OTqZ7uA/GrXHIaTU+cDZ0V37SUJ:7k8ymoBxKAdmL8yONaQi32UJ
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Crosshair-X-main/WindowsManager.dll
- Size
  
  440KB
- MD5
  
  01dbc2cf64ee06dc25017b333ce1780c
- SHA1
  
  ec60c52e008332e34ff96b1eb0fca22726308411
- SHA256
  
  673c7859656d57d6ac79bdd03c76c80d178424a76fd481fc264244cacdc28c39
- SHA512
  
  54f74c67921d2e68ea45f7a424082f5cbfad2b58700eb0885bd20cea3066ea63a5d5e70617cafd8bcfd2a52f6b9e762e231fbe3b3b74f8633bcbd98bb0ae66eb
- SSDEEP
  
  12288:CWyFnBvgiQrvMFoxnaH0lfEXTiWPDS4Otj:NaBv+mbH0lfEX2WYtj
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16