lumma | 8b62a4d92cbfb4074bc17d26a4929611d5dd4d40448221d6b1b884fa095e1771 | Triage

Sharing

General

Target

8b62a4d92cbfb4074bc17d26a4929611d5dd4d40448221d6b1b884fa095e1771.zip
Size

4.0MB
Sample

250107-aceb1strbx
MD5

4f8990ef52c83f8c0eeaf7e37f8bb831
SHA1

3f95f80d5b0e1ab235889a0929944599bfea3c58
SHA256

8b62a4d92cbfb4074bc17d26a4929611d5dd4d40448221d6b1b884fa095e1771
SHA512

2081040a09e73252e80c4bb019228cd34c3548c3ce73dee2fd0ee2c1be11a474cdf89112351a0256b657e28e530ac067815cb83bfd08251128f508bd5dd43da4
SSDEEP

98304:r/4wk6rYHqGcwLdRNO/d9M7Ko1JOzvIf2NTTkk6HcutLQ0cyLgE0LUt:dZtWNgeDHeIf2dQLQ0V0E0g

Score

10^/10

lumma discovery execution stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  New folder/Data/Config/test_vendor.txt
- Size
  
  1000B
- MD5
  
  80aec646e662ecdb8f7677b93f39aab7
- SHA1
  
  5fd0591618895472bbfa350c9ea59356c93d8346
- SHA256
  
  5912f1ba252bac927720d0342e63b16a7e273b63e097bb3d1c8e68f9b0703742
- SHA512
  
  19e5d35c78cdfb64ca5caaeda5cd3b46dec21aa77c85d421959fa771614e5265602277c85b7557e58cae04d166feab5a9c5cb6c70c512a29852eb7b1a68fa078
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  New folder/Data/DOMCharacterData_data_error_002.phpt
- Size
  
  383B
- MD5
  
  1bce0f644543bdda362af19acb0c75cb
- SHA1
  
  f5b834eb722ee6d65acc894ff0e4d25d2d95380e
- SHA256
  
  29d3e67c522205b50518a8df035cbc669203a0fa6d093084ddcd9f028c966d41
- SHA512
  
  6c35dc8d450d4062fd1da1417a97ddfdbcee10a35748a65259c78978146205d3a80f4e773b95dc70d6e86a36ac32f41fedc9b7e8f72a6fc048437ebba1e7c93f
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  New folder/Data/Microsoft.Azure.ActiveDirectory.GraphClient.dll
- Size
  
  545KB
- MD5
  
  21e96d7a25f8725d8e08c0966aeaf5f3
- SHA1
  
  537f9b5176cf3dfc11c1b3dd7fcc2a9074e6c8e9
- SHA256
  
  4cd12bc688746afe7abba4f76aba706802032d0e5b04457afa0569d524b50ea8
- SHA512
  
  0b4e24a192d01a6be6a296e41048344bb0d7f1cd23fc93ef05862f093253aef619623b52b2d0cc128fa6021ac5c2623e7d6aedc0f83568160478f65adb04d1c9
- SSDEEP
  
  6144:QcJrEPv825N81G+gHUerEls+AiIWHQoQ5tgYbfAski8xfAskzAxTaj:o8M+herGsrUwtN9j
Score

1^/10
behavioral5 behavioral6
- Target
  
  New folder/Data/MigrationService/System.Web.Extensions.Design.VisualStudio.15.0.dll
- Size
  
  187KB
- MD5
  
  8ba1e3c39fcd5f405dc1fbd904624e51
- SHA1
  
  36235632687a9f0145f8851531ed6ebd4ca8537c
- SHA256
  
  83a95d3b6444551b7bd2547ca6e5f6a5bc488e3b36087541211637201fd2b92c
- SHA512
  
  db71b76256141ec90796261ef1f4e1417adedf22f9bf1dd314243d80bbe0d0585e0a66bcea6110d94a0bac1d09138b54236e123cb02e33f6752ca8a4e296d15a
- SSDEEP
  
  768:ib7fhJUlFWUEUlyyffhlj8G3nkrtBVbh5WmgO8wQkkZ/Bl8STJsFqTEjZIdxv70t:0FQEUlxlj18VkSE8W281L7OizU
Score

1^/10
behavioral7 behavioral8
- Target
  
  New folder/Data/MigrationService/dvatemporalxmp.dll
- Size
  
  569KB
- MD5
  
  6264581b447eee4ea451521f2ea40184
- SHA1
  
  257d8ba2fe669c40dc9c0a6e10bd74b29b4bf7ae
- SHA256
  
  a0bd236d74d13a8b878d28a78340f552b69f178a133c424391d3cf5054ebb865
- SHA512
  
  a3f765df96e9393165c89527593407f0dfa0d7a500c7b08452d2f68b3979931d61424a09bc518826a3aac04ed50ab7456ef911d2d75029a2516e880199d2bdf1
- SSDEEP
  
  6144:kvOKVHnsSxWPo7Zb2d1bTbFv5SOGHD30OZkkMO/so4m:9KVHFRUfSpj9
Score

1^/10
behavioral10 behavioral9
- Target
  
  New folder/Data/MigrationService/helper/bin/wintoast.exe
- Size
  
  348KB
- MD5
  
  b412b24330409e5917080d3aa961789c
- SHA1
  
  78b29c6322f7233020d17b2e65906fb476bb068d
- SHA256
  
  18ff47cd790b9079dac609b1bc69b139bc28963a7ea67d4668eb4ffed18f1d78
- SHA512
  
  ba52febae8544b9d68f3a1e6dd8ce7346b85eab749e68d75b68c35742ab3095eb64d2cb66ff387b7478ad305ed776f82e1a4d818a7b3b6546361566757f70b39
- SSDEEP
  
  6144:LnbM/cNNCM73sOMHjTMVq2dkNBlQhEtqGaNnCohoE+rsrw:9N9kjkq2yZntq5NnCo8oE
Score

1^/10
behavioral11 behavioral12
- Target
  
  New folder/Data/Rapid/mysqli_poll_reference.phpt
- Size
  
  6KB
- MD5
  
  5c3eea468e40d772d36669a3fd369c8d
- SHA1
  
  8faa14a16b17bac31a717835c620c57996cb89e8
- SHA256
  
  0e8be1a03e075581b989fa984a7ec0cd1e40f0824bb1cf19ae792eb6e2305cd7
- SHA512
  
  a403e29ba79ffe7a061107a20118ae787bda92a53c7cecba7631e51b420751bf693202e88e2bf2c619af3762e896a9f60909bc1de55f6bd3cbdcc61e16d71a43
- SSDEEP
  
  192:bvMsdqBiQePgqB1Q38PgqBQQT8PsdLDPn1FPsNygqhOlC8P4:bvHdqBnqBUqBdd32qhb
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  New folder/Data/Rapid/sort_variation3.phpt
- Size
  
  4KB
- MD5
  
  d5354d13001d4f86881248ddc952da6e
- SHA1
  
  a8aa74c0b727d0b7aed7cf9b5ae9a96636b3f2be
- SHA256
  
  6d116bc991be2e5618c6efab8f47b5b83952442f8d2cd0a5dbc5db6a91fdebe8
- SHA512
  
  9fc45066e50fb69a49aa4dcd6a7a98ed7a5186eb628fd219494059f98fba7eb084b8a821fe5178c010685e028290d0cd6c3852ae7ed12d7d70de8eb7ce055a9a
- SSDEEP
  
  48:M2/+Cs0v8954hj05JcGt0XBqWtWKcBFPfhAv7FPfhAviFPfhc/6vP6v+kPzv0Pzs:MBN0hj0axgPapaUm/6P6+aTKTzHZ1ZK9
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  New folder/Data/add_007.phpt
- Size
  
  445B
- MD5
  
  7b7bd886db62b3ca4d25e7df4639f1a5
- SHA1
  
  e842536bd398b22df29b527ac6ba613fefe170d0
- SHA256
  
  0fd0f08e8d608bb3c46c3d242e5758bea99ea0c8eb7c19c87ea598a0475d6e29
- SHA512
  
  1215f5560e8347361bd1f242d7b45538703c2e577b5ab7d88f81c766dd9b5d2e3359c7e9f1722e046ab233b8ef1c0a723b94942cef6aa88f24cc01f07e02bc79
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  New folder/Data/dom_test.inc
- Size
  
  1KB
- MD5
  
  0a79fb2493d43b639ca1cb215aea65cc
- SHA1
  
  41859d9b67dec66e0e7f3079b783cfe7f60b50b3
- SHA256
  
  5cbf33ba9058e6a4b6c313bd0a806863c21a4d5c41559875c3581d2c6654afb1
- SHA512
  
  7d8f6d1a7230490112082aaef7cc397ba4aaf9662d9019f5133e7a3b0aab4c24fb4d33c8673a20c50635c94ca8c1c48e181502716379efceff042006506af444
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  New folder/Data/msenvico.dll
- Size
  
  683KB
- MD5
  
  c346dca20fb65853c5d5e0026390091a
- SHA1
  
  cc985c0edfd450a0c0b85f0521de46eb61b21adb
- SHA256
  
  c2a84abdf647e4a3f1671b33806f0283257627fe91c717bcd0eac14cced0b00d
- SHA512
  
  778cccab5f0ba187f77bec54ac1ca43b2930aba1a387e98b142671a30419b40400f1eadaa280a6bc899c50f64027db661a9e2bb43fee1006125b242cfcb4408a
- SSDEEP
  
  3072:2Zx55LPHCaJp9mrGAj3w9QsdkQQMKZonA8YaQhNosoMeuiVehE:qZPHCa79/CA9QMQMKZj8LQhNosoxuiIE
Score

1^/10
behavioral21 behavioral22
- Target
  
  New folder/Data/serialization_objects_009.phpt
- Size
  
  540B
- MD5
  
  c208830c831716b0055bfd8868f1bda8
- SHA1
  
  437bce21269d3fb05ca3032867488805e629d4d8
- SHA256
  
  ff9aadf0e165b1b9d26e9f8bb7a997ddfd537d22c0063f0fe3a19a2a912f7388
- SHA512
  
  4420fce04ccc67edf68117fcd330e01965069707caedb58cbe46beed85ff293dfaf34ebe6b922995b8d5fc04049f13c0770b931e7e4d60a5153bb941b16e1300
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  New folder/Data/skipLazyInitialization_default.phpt
- Size
  
  1KB
- MD5
  
  bd6a0dac960294892a7c243a083284a1
- SHA1
  
  4d643759d8cebda7ef1e5dfd766e293cb80b100f
- SHA256
  
  d081c0a6278ac634ec48ff2f0b89dca85df0201b4d514746d75017a4670485cd
- SHA512
  
  2fa3feb5d3d0da64a94f25e23d34dade2659dbe49158691102828bcdac1472db8e75a2f3b4736c056d5523b54de22a815cf8276694a6a57d0646eae66177830b
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  New folder/Setup.exe
- Size
  
  665.7MB
- MD5
  
  fdd6404bca6c3d345e63b5951702eeca
- SHA1
  
  54281052f8e27002a146a64ab8c12626c91040bc
- SHA256
  
  dc0c4d24bc55828f05ab6945e62f698b526013205b03bd30a2aaf1912ee364ae
- SHA512
  
  82459f5130eed8a8ec094b0fcc35d7c9c11f2157b4bc10843392436de81838645c1722286b67ae34a0c0452705370710ea484e6502c4b86080c79c76c6462654
- SSDEEP
  
  98304:tNDxwQ+8btvockyGcX+o7whyFxi5A/T2OV/GU2JIvXE7Ckgr09KPYitpMI3grY:Hh+8b3zj+owsxi5uT/VcRvj4mM
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral27 behavioral28
- Target
  
  New folder/sqlite3.dll
- Size
  
  1.0MB
- MD5
  
  2e96ca7b9485a401a6b2147dc8d82053
- SHA1
  
  95b74152109b05e8ef280669c5e136b60bcc5132
- SHA256
  
  1eb662adeda502e661da31497f9343c5c8e3b0e4eaff29e757901ebede87fdbb
- SHA512
  
  d45359b880cdc0f5f99f005daf26d1dfa4b80552346a62b5bb61cecd84455d199c95347965fdcf5c82ce89bbdd462c03129504f7c952b5c21d3811d6cd24c363
- SSDEEP
  
  24576:6oigHd9e5I2+McQDjtNlwTVELElvQTizGU55q:6ebMnntbhLElvQuzGL
Score

3^/10

discovery
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

lummadiscoverystealer

behavioral28

lummadiscoverystealer

behavioral29

behavioral30