lumma | 8c74e73a28b69fe3d7dc298d6d0ea944386abcea8b8c9fe3d2a7531e1e38a7ed

Sharing

Copy URL

Twitter E-mail

General

Target

bleoso.zip
Size

32.1MB
Sample

250107-x96h4avqaw
MD5

140ee3cc2325d1c5a5a274c9ea67cf0a
SHA1

70cf8e7aa8e7186ed8a83b823617cbb3abe7c12f
SHA256

8c74e73a28b69fe3d7dc298d6d0ea944386abcea8b8c9fe3d2a7531e1e38a7ed
SHA512

e9e7e049c705b3ccd09146c4da7463bcd67bd579f205e0583fcbe3a09ec56415fad7f2bb533264e9a649dd7ff3070336926f44eadc1a5297d39f0d9c8949a17c
SSDEEP

786432:wN4RwYgvZdU3GzD/mbqM8VLQAjImEW3kzlXU:wWR0hb7RtQVtU

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  bleoso.exe
- Size
  
  1.1MB
- MD5
  
  5421ec33225b0ffbc3e15ff647b52064
- SHA1
  
  47bd52bc61b7ca0870774e5e57ed044a08c73fc3
- SHA256
  
  6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b
- SHA512
  
  c0e1b5df77455e3afb3a0bcc029e81f551e99b832f816cb362bc9e0b0a1fa54dd6e09e7b201b2276a1d732784f2b00a41db264ba365fbfa88b8087da64547b9b
- SSDEEP
  
  24576:+ifOu5Zt+AnkGPKv+bN8fspSkVfIhohNkokVQAb/20Ux6LNgZNmb7Tb7j:H2uRkGPKv+Jfe6rjWT0UgzU
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2
- Target
  
  jres/Welcome.html
- Size
  
  983B
- MD5
  
  3cb773cb396842a7a43ad4868a23abe5
- SHA1
  
  ace737f039535c817d867281190ca12f8b4d4b75
- SHA256
  
  f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0
- SHA512
  
  6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  jres/doc/Welcome.html
- Size
  
  983B
- MD5
  
  3cb773cb396842a7a43ad4868a23abe5
- SHA1
  
  ace737f039535c817d867281190ca12f8b4d4b75
- SHA256
  
  f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0
- SHA512
  
  6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  jres/doc/lib/deploy.jar
- Size
  
  2.2MB
- MD5
  
  2388c4c8d5f95e0379a8997c7c2492f4
- SHA1
  
  906bf87eb1d8881abadbf93a3c4bba7887ca2a01
- SHA256
  
  a1fd508eacf76645eb0885b243b5dd14239f1e039e8b53ed038226df91a30539
- SHA512
  
  2cce11a5f97df842964b55408fcf1ec84c0cd561e664aba3a51275eafe59d7c920fcfd954c527da4d53acb191200cc64bf8150a33bcb9b038f36adb2cc69b1a1
- SSDEEP
  
  49152:ABSxAmHHJwEu4l3Dyz7oQHeNHJJ2aAvfZc:ABEtHHaEuI3Dy3oQH2pFAvW
Score

1^/10
behavioral7 behavioral8
- Target
  
  jres/doc/lib/javaws.jar
- Size
  
  465KB
- MD5
  
  5d8c1723f3005bd63dba2b478ce15621
- SHA1
  
  ab26a6167789dcf81a0c40d121dc91005804c703
- SHA256
  
  b637b78cfc33c92d4838d5fabfd0647ce03c3ef69d86ef6a7e6f229510aaf3b5
- SHA512
  
  9830ccdfe913a492bb4e0015ee3e729bea8ec1f22edf48ed7ce2aefd5376df24f33948b9155e31edfa9bc240544406fd2c43a34dd1366e4936b3318d3ca5ed1c
- SSDEEP
  
  12288:k4VtaECp5plmgYhuWvHuR9Ta/+Aw7okxygk+W:kUChlHYHMaHw7XxW
Score

1^/10
behavioral10 behavioral9
- Target
  
  jres/doc/lib/jce.jar
- Size
  
  112KB
- MD5
  
  a39f61d6ed2585519d7af1e2ea029f59
- SHA1
  
  52515ac6deab634f3495fd724dea643ee442b8fd
- SHA256
  
  60724d9e372fbe42759349a06d3426380ca2b9162fa01eb2c3587a58a34ad7e0
- SHA512
  
  ac2e9ab749f5365be0fb8ebd321e8f231d22eae396053745f047fcbccf8d3de2f737d3c37a52c715addfbdbd18f14809e8b37b382b018b58a76e063efba96948
- SSDEEP
  
  1536:5sNJO+ylt6se6sgU0w/XzGYWuSy15DudYLSfaxwpt5g1naZEqwoJ8sYcF+z/VSG8:aj8GHXZSy1pudYLdQe1ATtKVS+ws9O
Score

1^/10
behavioral11 behavioral12
- Target
  
  jres/doc/lib/jfr.jar
- Size
  
  547KB
- MD5
  
  ccb395235c35c3acba592b21138cc6ab
- SHA1
  
  29c463aa4780f13e77fb08cc151f68ca2b2958d5
- SHA256
  
  27ad8ea5192ee2d91ba7a0eace9843cb19f5e145259466158c2f48c971eb7b8f
- SHA512
  
  d4c330741387f62dd6e52b41167cb11abd8615675fe7e1c14ae05a52f87a348cbc64b56866ae313b2906b33ce98be73681f769a4a54f6fe9a7d056f88cf9a4e1
- SSDEEP
  
  12288:G5l+qU67FYWg+YWgYWeoXqgYSq8eh2f/m5NwaHkSIJHvWQ6Q7ooMcgH5lY7TQ5cD:G5l+qU67FYWg+YWgYWeoXqgYSq8eh2f3
Score

1^/10
behavioral13 behavioral14
- Target
  
  jres/doc/lib/jfxswt.jar
- Size
  
  33KB
- MD5
  
  c401e00a5de0dd9723885cef9e2f5a44
- SHA1
  
  b6735b93811517f062a20869d8a0b57faeff6a90
- SHA256
  
  c6574f4763696f2a83028de143d9ed1c975062ba2d44cc5c91558751fb84bcd6
- SHA512
  
  595b950ad5bff930654bf7fb996ba222d19b4f175821ab0fd6ec4f54d4b7d62b37757429051d1302bc438ab76350b4cd0a07ba712caecc79dcdb0c60494b5ab2
- SSDEEP
  
  768:xYJfTGikW6VajSe/SA5vN9kqizE48ojVxQYuW+t:xY5TpkK/nFNIzptjVxYHt
Score

1^/10
behavioral15 behavioral16
- Target
  
  jres/doc/lib/jsse.jar
- Size
  
  619KB
- MD5
  
  fd1434c81219c385f30b07e33cef9f30
- SHA1
  
  0b5ee897864c8605ef69f66dfe1e15729cfcbc59
- SHA256
  
  bc3a736e08e68ace28c68b0621dccfb76c1063bd28d7bd8fce7b20e7b7526cc5
- SHA512
  
  9a778a3843744f1fabad960aa22880d37c30b1cab29e123170d853c9469dc54a81e81a9070e1de1bf63ba527c332bb2b1f1d872907f3bdce33a6898a02fef22d
- SSDEEP
  
  6144:ABoQeW0HKwYGORU+ehqEmke1WEAibVR0GPs4j8GgflXhuuMAjYDTj:Uo40WGdNmpb3DP75
Score

1^/10
behavioral17 behavioral18
- Target
  
  jres/doc/lib/management-agent.jar
- Size
  
  381B
- MD5
  
  b608d45dcdd7a4cad6a63a89a002f683
- SHA1
  
  f6e3bb7050c3b1a3bed9b33122c4a98e6b9a810d
- SHA256
  
  52ca96531445b437dca524cb3714fcd8d70221d37a6b9c80f816713c3040dd0a
- SHA512
  
  407e7ca807826f0e41b085bca0f54f0134e3b9ac16fa5480ede02774067dad46aa07d225ba2981dec2a7297ea57721eab8c54e8bed83d352ec6c00abfdbbf626
Score

1^/10
behavioral19 behavioral20
- Target
  
  jres/doc/lib/plugin.jar
- Size
  
  988KB
- MD5
  
  54ef6c22faaae5850091031763078d37
- SHA1
  
  11d40b78bb606e245cb5e17c6ddb08193a34b40e
- SHA256
  
  654b033b1dc315eb9806f0d35abaf3f25064ac806292acb2bd818f6b2df2ad07
- SHA512
  
  10998b6508d5571e1ece2001c6e561169d3dbd7580a3de439067d1195fbe85e6bd1729a0874e306234391af963e1b062050276e1ac0e9c9fa289711738b41b31
- SSDEEP
  
  24576:q7jNpf26MPAMSL/wxSz2ijt2eejo+oV3vv:6NVZEaL4xSljt2eHNV3
Score

1^/10
behavioral21 behavioral22
- Target
  
  jres/doc/lib/resources.jar
- Size
  
  3.3MB
- MD5
  
  9a084b91667e7437574236cd27b7c688
- SHA1
  
  d8926cc4aa12d6fe9abe64c8c3cb8bc0f594c5b1
- SHA256
  
  a1366a75454fc0f1ca5a14ea03b4927bb8584d6d5b402dfa453122ae16dbf22d
- SHA512
  
  d603aa29e1f6eefff4b15c7ebc8a0fa18e090d2e1147d56fd80581c7404ee1cb9d6972fcf2bd0cb24926b3af4dfc5be9bce1fe018681f22a38adaa278bf22d73
- SSDEEP
  
  49152:WX4zfeUcKDQ1toKXiO3fLxqhH3YRazQwIK7XgnyRMvMtMm55HopLKbtJzUkMkOBV:GL
Score

1^/10
behavioral23 behavioral24
- Target
  
  jres/doc/lib/security/US_export_policy.jar
- Size
  
  2KB
- MD5
  
  ee4ed9c75a1aaa04dfd192382c57900c
- SHA1
  
  7d69ea3b385bc067738520f1b5c549e1084be285
- SHA256
  
  90012f900cf749a0e52a0775966ef575d390ad46388c49d512838983a554a870
- SHA512
  
  eae6a23d2fd7002a55465844e662d7a5e3ed5a6a8baf7317897e59a92a4b806dd26f2a19b7c05984745050b4fe3ffa30646a19c0f08451440e415f958204137c
Score

1^/10
behavioral25 behavioral26
- Target
  
  jres/doc/lib/security/local_policy.jar
- Size
  
  3KB
- MD5
  
  57aaaa3176dc28fc554ef0906d01041a
- SHA1
  
  238b8826e110f58acb2e1959773b0a577cd4d569
- SHA256
  
  b8becc3ef2e7ff7d2165dd1a4e13b9c59fd626f20a26af9a32277c1f4b5d5bc7
- SHA512
  
  8704b5e3665f28d1a0bc2a063f4bc07ba3c7cd8611e06c0d636a91d5ea55f63e85c6d2ad49e5d8ece267d43ca3800b3cd09cf369841c94d30692eb715bb0098e
Score

1^/10
behavioral27 behavioral28
- Target
  
  jres/lib/charsets.jar
- Size
  
  2.9MB
- MD5
  
  0b3923abb0d48fdae7a2306717967b39
- SHA1
  
  0882294ffec2769023aa36ff9cc53562f8e26020
- SHA256
  
  e88aec2a49f07cac9471d9e4c113fa189600b57245685814d043c20ea8a8b471
- SHA512
  
  cf622081b290140ce8419b30fb25442f7204c9a37e1490030a4d656f66c509946f48c50cc7794da51007efb202805605fe3c2ac3534d63fbf928ea35ce16a040
- SSDEEP
  
  49152:puZi4j4TQkgaSOHEhjy2twRYEc1sJzlbguMuD:puZiW4smxGocuJlbgq
Score

1^/10
behavioral29 behavioral30
- Target
  
  jres/lib/deploy.jar
- Size
  
  2.2MB
- MD5
  
  2388c4c8d5f95e0379a8997c7c2492f4
- SHA1
  
  906bf87eb1d8881abadbf93a3c4bba7887ca2a01
- SHA256
  
  a1fd508eacf76645eb0885b243b5dd14239f1e039e8b53ed038226df91a30539
- SHA512
  
  2cce11a5f97df842964b55408fcf1ec84c0cd561e664aba3a51275eafe59d7c920fcfd954c527da4d53acb191200cc64bf8150a33bcb9b038f36adb2cc69b1a1
- SSDEEP
  
  49152:ABSxAmHHJwEu4l3Dyz7oQHeNHJJ2aAvfZc:ABEtHHaEuI3Dy3oQH2pFAvW
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32