lumma | a62336567025f15d3680206d9f4e176c123c79c5fe602fdf6af164f87762bba9

Sharing

Copy URL

Twitter E-mail

General

Target

InstallPack (extract.me).zip
Size

53.5MB
Sample

250109-y9n5gszpbw
MD5

1114e0fe6d0da60440fba19c2f4803b1
SHA1

59134c84a78a477ae1a97381d6733b7fbed89224
SHA256

a62336567025f15d3680206d9f4e176c123c79c5fe602fdf6af164f87762bba9
SHA512

369cda0e0f46ce2c76e60b9ab09d5d0566df3bfcbcd6c4b06717915a13ebf9dec145cafe06f98dd937705233be1637fbaa73bfe3c7c9abc19b90b7988d465a24
SSDEEP

786432:NK9NNAk6fGK9NNAk6fuvHSIGO2ZkW3BsUSmiBC/7nqwz51Nlu8+AEK9NNAk6fcKT:N+r+LvjWRk3EnqqbNlGL+b++A

Score

10^/10

Malware Config

Extracted

Family

lumma

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

Targets

- Target
  
  bin/Core.dll
- Size
  
  274KB
- MD5
  
  ccab470075c23ffe0bfb7d700cc71dce
- SHA1
  
  a4c5adeda9552326ed3575db0a5a999dd848a045
- SHA256
  
  5a773054ad19f33adbcb77201e44cec9a3698bdd22e352df028c165a9e75600d
- SHA512
  
  03e9afdc897b491d3c5697f01f37d9fc2a8a2295b19f1b9c5f6d880f6cb8fdda71f1cfa8e78c76338e7e32a37382a410ba6bc12b1ff66ec18c438fce72687bc7
- SSDEEP
  
  6144:eEY9ip6PxwK0OhOd+w2JcNMfnlvX5KQNzjuG:eEY9IK0OhOZ2JffpX5K+uG
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  bin/FileSystem_Proxy.dll
- Size
  
  359KB
- MD5
  
  fbd9f9fe1e6f9885ca11a799e6a774dc
- SHA1
  
  b360fefffc0c1be8d306fdb13d36ce4e2e3afdc9
- SHA256
  
  41360fb47019f747230d59e382d169f5aacdbb5dd50befed2b342cf3db30a6f2
- SHA512
  
  1c9133d2a93c64cda3291045293bd381f61435380bf2454d6ae9307f3c2c6ca90466b38cd0e94943a5264f6fcecee44a1465a81adc35f60ed1747492501984ca
- SSDEEP
  
  6144:6U2qVMZfePI0n7kw94Rxniu8j1C/ANs3ph0lhSMXlBXBW/0AO6iu4Ff:6CznIw94RViuNANs3ph0lhSMXle0g74V
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  bin/FileSystem_Stdio.dll
- Size
  
  122KB
- MD5
  
  b9c70511f562d386caa1e6e7c67d52e8
- SHA1
  
  a6280fa878b7329865ed489a111fa40e28985a7f
- SHA256
  
  d73c38f0a90e04aedc66a20599faea2449aa345f6a124436ab655ecb02c151a2
- SHA512
  
  a76d403b7a29b98a36bf334dee6f9bae26e3745a7d94f6569a7df6f4492610bcbcb51926da9bc1e4eb2b85cc37cabbe2cc05ae1a5412c3debcf69de1dfcc428d
- SSDEEP
  
  1536:uEl8Fgjurxjxptf93iqQig4iAjf+TzJoEalf4gF8nO0ALBc4BkGtaoB2NB7:6xxjCqQRLA+or4gFJTKC1taoB2NB7
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  bin/a3dapi.dll
- Size
  
  206KB
- MD5
  
  0b3f04a2757f5e43140ac81db1afdc42
- SHA1
  
  57c666aebb0fb59ac86deae9e6849e3268a05703
- SHA256
  
  f05b2eeb851b174ef2b39c4728687915648ae33780a65cdf7f0c7ce99e6a67af
- SHA512
  
  1df19cac3b3ca5a45b50ceddf3e7ecf60b8521c9b589d9c47219ce8d056d6d244516922627fd522818fd8383788924a6589baba9f3984f749ebb992e4de327b0
- SSDEEP
  
  6144:5atuZySlWDRI0jcAwcwypEGmFPHrA/8/5mB:55yd3EcbpEGmFPVkB
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  bin/avcodec-53.dll
- Size
  
  1.0MB
- MD5
  
  bba1fe328cea501fcce1e5df16276439
- SHA1
  
  ed4ad3a8d6f0e3dd86abb19bc18127f960ea2131
- SHA256
  
  f5522d2c936de8d53f97a6ec439d8f8391cb50a0bc6008a399f9454c00929d35
- SHA512
  
  8f585d57baa39d3e5e6b62efea53b6b3797319ae86c0c4373774d08e284a49c0bd005e200ae4fabc789470b3f100f98c8ce503fd4702f79dcbf4be4aabc58a9e
- SSDEEP
  
  24576:AvFsWsTZw0h9+Ed1c0IHtUqnm5AmeU4QATwj5H7liH3Yq:ANs9Fw+p1c0IHtUqsAmevTwtliH3Yq
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  bin/avformat-53.dll
- Size
  
  187KB
- MD5
  
  c5ccb86cd745746b9908031a54315f90
- SHA1
  
  d00147298fc236730a4076d5a03444ac970d053b
- SHA256
  
  ac1f83180e07ac2b3d1e6f80f94aee0b2591be13e8a1fe63998cf7f0a9f18f1e
- SHA512
  
  bcf3b40b241cba632d9fe15426d28f2ce4460523fcb1992d29ba2d85f9ee2973c7c23be0013319a973a11d2eafe882cf611d976ccb5e5877d393a035d652cbcf
- SSDEEP
  
  3072:sr928cq80ZkRaW391QjTnXPXFvbZ8/pLGVg+QwRlkR6j7lA8b:sr929YWaW3YjzpV8/YVg+wR6j7lv
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  bin/avutil-51.dll
- Size
  
  121KB
- MD5
  
  2a8b8a15a58edf3b443083ec29894e54
- SHA1
  
  b63a322d66472fbd2fb7723847af0f995bf9bf84
- SHA256
  
  84e6875f1869b8cfd73525f0c04f1bf2cf0d0d08b1226f62cfd44ff14fe0345d
- SHA512
  
  6209dc4e3ddfa585eea3cdb26fe1b731962be4a0e39b561de6d16451e48cfcf0459f474fab54f97babff87b969365895737f57d6a22c26b57cb3447230f0aaed
- SSDEEP
  
  3072:ifLOXurSBlfHfG2N1X5S4RvSCzdPV0VXkjf5dF:MElt3SsDdPVLjf5dF
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  bin/chromehtml.dll
- Size
  
  854KB
- MD5
  
  43d2a3b6f8125842e6ea136897493af4
- SHA1
  
  6da109accd14d388c411a0db39a7e3fdb5163bd0
- SHA256
  
  b2b88a7555e598d5d84957de6e60c66260bd1683e2ef7a0008d17f55ce5bd790
- SHA512
  
  d6770d564a3c3087636eafe1fe92988daffc7d0aad639ebe996a46a0ab5d00ced039711f81e4e49657d7517a8f4ced1c6c767ff8e2d0b2230219ae73a6137491
- SSDEEP
  
  12288:VfE6PFxZfgm9PYifgEEJeeZKBjX6vp3oqaVxcS8yHmasFMC9zwrunz7sbHa8UgTa:u6PFUoXpmasFMGw+sbxaCqbHudY
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  bin/hw.dll
- Size
  
  1.6MB
- MD5
  
  a74c64de593e2533c04200c5417bd9e9
- SHA1
  
  f0f7372692f285154c76be35fc50b89ed0ea2d18
- SHA256
  
  be45f76049a133392423679d334c69c8e1e7e82dc873eebdd229ea0341ba1b10
- SHA512
  
  76ed60efd226aaf32788b27e878cca71560bc4a533d12b29cf22bd9d12a14e6dc26d831c2541fcf128dac46e7c539a65198fce36f1c7e99c21879aae3cd01ccf
- SSDEEP
  
  49152:Pn5eTLq8KRr1h1naYZe2+h6yfQDnlRZJB1/2:BeUn1naYc2X7lPU
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  bin/icudt.dll
- Size
  
  9.5MB
- MD5
  
  045d0f4f41ca53d4cb22bdc814a22b64
- SHA1
  
  63e1df7559eda81c8c0869f7f2144f553f94dd03
- SHA256
  
  a20010e097e5a4ae7f7065da7b290cb535d1ef98a6a7cc299a343e26d688aa5d
- SHA512
  
  1792331728a0abd284d638ad5d29aaa71a5c34bde611f33fb416c7c0be5d9748c606e495f4dc40a880983a2ab9bb04f1406e26fe835df470b37c241e6b2007b5
- SSDEEP
  
  98304:oyIexx5hdtkqAYv7CagQZhzvilh2WhHa8807suLw03:oyIej5hdOqLCagQZhzvilh2Wkcbv
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin/libcef.dll
- Size
  
  19.4MB
- MD5
  
  60be2cec0d95bb135d4452f39aac6805
- SHA1
  
  e2de1c24e924d16d66d7d128bc63213f04500d9a
- SHA256
  
  391b7e66004d7845f5caa7d70f106dac7d0b49538954c55601ed7b5985c3d699
- SHA512
  
  d50579fe0176477da1c78aeeafb1c9fdaa8905646d9fd32edd4bd2ccdd0591b97721d9cef4a546fcc6816a0ab56f9c2c6c31ccdfc19e7ad998a6ebddb6a3921d
- SSDEEP
  
  393216:fd4hk/HQezExvwV4mRmT3E70OQSf8j263wrUGu2SfYpfPvZTU:fd46/HQJxvJmP70OQGupwrM2S8U
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  bin/next_lib.dll
- Size
  
  10.6MB
- MD5
  
  b99b85f279267f2f7b68054b2098d169
- SHA1
  
  7d1b5c59e853b3d7a8126d2f11b46c77292b08db
- SHA256
  
  5d3c4f629fbdff275d2850d1f20f178836b7941bf1e85918d7d20b1f178f5e9f
- SHA512
  
  94f18e01a1cb69bbfbecb7cd2ebaded378191e66254a18bd3cc63d1d559abcea8760b9a416cdae56a78fc7596e6e15e570bd954f46f7faa2ada3a52bb98abda9
- SSDEEP
  
  196608:xxFXzRDkwsEfb1JABAwSo42dZkQXmcTclLmMmJEnTJ:xfXzRDkP4xlo42dZkQXmcAnDl
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  bin/nitro_api2.dll
- Size
  
  2.2MB
- MD5
  
  a720916c7fba016661a2ffcf988110b2
- SHA1
  
  cd0238eadba7e929170db0bb045a8e1ffcc8f435
- SHA256
  
  edbefdd9a66b71b0b0c2abb7472ab5ba0d0fca241653891bcb08d8ace532d3a9
- SHA512
  
  ad3575e9f4078eb5566da8c442999b53c5cffa5c2f6aacd8f936a3c2978f80038a91337c52d2edbda27a9077924a609ef718a42b46b47dfdccd662345a778820
- SSDEEP
  
  12288:rMneT82jeNJeVNh0tQu0eMW+9j03yhwJLpNhuw6k1fvjIJTRTxaZ9m/KotY1n8f2:oU8HJKn0tQGMjljwJjD6e8B69Q4T
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  install.exe
- Size
  
  4.8MB
- MD5
  
  a64bdb378f37c223b3af04e69f14bc26
- SHA1
  
  ffe40bb653bdc6e3f09b65ac86ca8dc07bc7355f
- SHA256
  
  16d967a740d78964fb7c834cdd7e920b11ae4852feacf8b1a4d08734ce688668
- SHA512
  
  0018f90be21091fb582816358e56c750732342d743dd82a68dccc7031a003db166f4cd78225cc1257a5d64568a360c49abc754fe1769fba6cd64b8c45209dc1d
- SSDEEP
  
  98304:ypC8YVQv0tl2xD/kuJQzHSG6Py3rGc+ZevfcptYAmy5wOdUMu/eBjAKlfngWqIXk:VVOJQzSKfcptzwOdlueV/qIC
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28