lumma | ccf93c9773bceab839347138cb59d8440d187229dd5022eafd4c8fd4fcdda9e2

Sharing

Copy URL

Twitter E-mail

General

Target

Setupv2.5.1.zip
Size

1.5MB
Sample

250110-arjv2sxqbr
MD5

2eb675c54b56021dd1478eafa6470f01
SHA1

a0635df2875a9a909f5f0ef6b3046b282806eee1
SHA256

ccf93c9773bceab839347138cb59d8440d187229dd5022eafd4c8fd4fcdda9e2
SHA512

e994da77f3395716b23a8f7677146e9e70d9f4218110c4d6a21effd25fbeb4343055d8c26868ab716fb2d304616eb47cf523c456a6d21da56b07ff35c001c2fa
SSDEEP

24576:0auR55RykXpiHrvRnTvPFR7o40baOReu9rYHa8L8fNA6Nlbf9deoiHXKAGceR8xa:c5RykZijRnTvNlnbORewrYHa8mN3ZSlI

Score

10^/10

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  Setupv2.5.1.zip
- Size
  
  1.5MB
- MD5
  
  2eb675c54b56021dd1478eafa6470f01
- SHA1
  
  a0635df2875a9a909f5f0ef6b3046b282806eee1
- SHA256
  
  ccf93c9773bceab839347138cb59d8440d187229dd5022eafd4c8fd4fcdda9e2
- SHA512
  
  e994da77f3395716b23a8f7677146e9e70d9f4218110c4d6a21effd25fbeb4343055d8c26868ab716fb2d304616eb47cf523c456a6d21da56b07ff35c001c2fa
- SSDEEP
  
  24576:0auR55RykXpiHrvRnTvPFR7o40baOReu9rYHa8L8fNA6Nlbf9deoiHXKAGceR8xa:c5RykZijRnTvNlnbORewrYHa8mN3ZSlI
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  Setuv6.9.86/PhysX.NVX
- Size
  
  21KB
- MD5
  
  af726aff05a26badd36c25dc476e7a0e
- SHA1
  
  13d7b19ada73fbcf082f5f2f7fbc6fd468585dd4
- SHA256
  
  abc4eb7e89a5f94f67ab40b7a8adb4bf9cb4900ddfdeb54bcdf5eb0e1c478b2d
- SHA512
  
  7f434eb1a5edabcf47cf7b6b7d6afeaf96a3ee85dab92ec9e4c4899c3c3a5d989e6486046b3376fb4ffc524ab324954bbca36c9bcaa7bab4bc3223faaf491e8e
- SSDEEP
  
  384:U76oReNii9P2CLcmgigmJPC2KfuGIf0NNfhHk0fIx7fnCGfSRlFf58Xf7Glx6Cx7:U76oReNii9P2ComgigkC2Kf9IfMNftkW
Score

3^/10

discovery
behavioral2
- Target
  
  Setuv6.9.86/PhysX.nvi
- Size
  
  35KB
- MD5
  
  890542cc8613560c5e6431e53ffd5c02
- SHA1
  
  da954ce5ccd4c2ca9440b67cdc047d65b09067be
- SHA256
  
  f2d55232e244cfbf0c6ad3d062a3466dca57ace0d03bb8f590f94143051a9e10
- SHA512
  
  2b8b0bb4d8d6b0b20ac457e9502f1e6b7a103929cbb7ea67f3017ee710d9562268f7f9b274cdfa52aafbb0bd6e8d355f419555643cdb288812b1a36529de51ba
- SSDEEP
  
  768:xZ2czpU3IcdcC6tW3M3sFzxZhB6CW+WOF9WuBpsuz9hiaXPsYlRocSOUSjRA05Js:P2c9XcdaFsFzxZhB6CW+WOF9WuBpsuzS
Score

3^/10
behavioral3
- Target
  
  Setuv6.9.86/PhysxEx0t2.dll
- Size
  
  2.9MB
- MD5
  
  6ff985653d41e8d60bb1293f01729adf
- SHA1
  
  1ae3086a16a91ea45c06d34071d8b3b87e058804
- SHA256
  
  224ba9fe747ed7266a392961586db8a716553b85760fe3083e6d345034868d8f
- SHA512
  
  fd47a81000dcd98adc03d1f45a172c19b2e8aa3c8f13338bda0b00407f7b81b52e0fa9be3f9ef87fb1303231225e83b9dd8c39a0777ee56ccd54abc52d095b87
- SSDEEP
  
  24576:fZJJSVBjkvvhwVxKKpQgRQ8sUOwDUsHeHfcKtaPRO/o5o4Z/5rLyv+Fe:xJegvvhTKTRcPDqho4F5rLyW4
Score

3^/10

discovery
behavioral4
- Target
  
  Setuv6.9.86/Setuv6.997.exe
- Size
  
  705KB
- MD5
  
  d5917e889f8facae25ef3c35e3cc2fc3
- SHA1
  
  c72e0fcccf29f187433cd7d0b49ed2cca1ea8474
- SHA256
  
  39710ed8a0ab2db1d2388e27429edc1e0b34f3691d85c0feeb5fe4e3b179e6db
- SHA512
  
  f53f09e71332c618bb6bc56a641399118e2b507db528ac476d1b3c3be70aed5d6067b9154ecce2db6d0662c576364d729eb8a01366992c6899bcb33d580662f5
- SSDEEP
  
  12288:yZOOIkzlNMaPghgAbLe3ss+YRdKYt0eFPghgAbLe3ss+YRdKYt0eIlr7v:DOIkTM0qXXeuYeeRqXXeuYeeUr7v
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral5
- Target
  
  Setuv6.9.86/V6.9/0000.ui.forms
- Size
  
  60KB
- MD5
  
  a68a506afcfd78b3186b586c0bb17211
- SHA1
  
  69107a6f6aaf8613b84b2ae55d932d48d7d29e1b
- SHA256
  
  44783c068e6d2b30190006225d2bc586a98096d56f41f78e348bbae828cdbcc8
- SHA512
  
  7e8eb1643f670772a7ce1a42910847bc8133f463adee428987934110cf2225954b4c8586890e0ebc6d894c406bc5b61fe430c63b67ded4765017186119aed75c
- SSDEEP
  
  384:jvaw5hUay8ncuNkctpoEcQNmcvZnMmGX0aP5fbU8oUjoJUmoJ5UCoJ5+UgoJ5+tt:EsY
Score

3^/10

discovery
behavioral6
- Target
  
  Setuv6.9.86/V6.9/0000.ui.strings
- Size
  
  1KB
- MD5
  
  88b402cd5cf6c9145b6c9aba0de7fc20
- SHA1
  
  71fa5024b381cf06c60874e41b7d42c263441f3d
- SHA256
  
  e792f8a6666c05d723d9c19325aa3429e35df36a72cc4c229dc2cef0876de79d
- SHA512
  
  579e7227c721d19ec5e52ee37bd7fad0cacd96e8f898bb6cf26063c4fedadf8c78781b11285e8e1d25263277b3b069b5df182158123655b74de4216d69e97ee8
Score

3^/10

discovery
behavioral7
- Target
  
  Setuv6.9.86/V6.9/040a.ui.forms
- Size
  
  5KB
- MD5
  
  e3b162ccf4980ed314d76914eab0b152
- SHA1
  
  adc8342dc84135f1807a22f5b4e6de61dc1872ee
- SHA256
  
  cd9bbb99b5297e0eb206c46c3a49906cdc20dcbdb03f3ef4759a73016ae52d1e
- SHA512
  
  d3601a24ae10f2050e39ee10a1457547e3bf8dd5cbf9360f6b5dbbe624c0d6d94f2e2ad2656e550405386ef039ceb54d5038b635dbf7aefa4b990db1f4a33b95
- SSDEEP
  
  96:SULx2rCiVffJIJxhMzguLWv1Nf5V5q0vgZfNsZ77rhm4zXjZHPxfbfPHDl:SULx2rCiVffJBzguLWv1l5V5q0vgZfNm
Score

3^/10

discovery
behavioral8
- Target
  
  Setuv6.9.86/V6.9/040a.ui.strings
- Size
  
  10KB
- MD5
  
  b7d997d903869b30f78543142c8b890d
- SHA1
  
  807840d713964e8029e3aa9b07b3626ce785b004
- SHA256
  
  f1c701b8c4ab9ddbcc8d46084c4a20d4aa64bf3f2cf42afdd1010efe8d147f66
- SHA512
  
  0440dd5ef3c4a5ee07b7e08ed9a9eb12ce55c7bbdd89c471cffea216970f2716a222934ea34daeda821e48a46652003a824d66d434f1071c122d296294ca59ef
- SSDEEP
  
  96:qumjfCmD7DLbW5EuivbhMrJHIXEafqnbgKuWILGYZXZ7IcO2OOD:FmzCgbW5svbSFoXEtbQVZJ7IcOtOD
Score

3^/10

discovery
behavioral9
- Target
  
  Setuv6.9.86/V6.9/040b.ui.forms
- Size
  
  5KB
- MD5
  
  400acc3967c50f2d904ce98095bce251
- SHA1
  
  411b8a9bab5d161bbedfad69c35d6ed109718177
- SHA256
  
  71c4ea69fd7e0fc130b8dad26bc46aa63ad465a3faae99ad2a280d50f668505d
- SHA512
  
  2a89dddcee340b07a478c508bee153223f367e7ecdc69d4462f2c0bc20c4580c5cfb5ebaebb26de3af6de9b7b3bcf202cdc04605de738dcb7f479fc5465a5e4d
- SSDEEP
  
  48:cYxlBnrC7mJzffJOLn6fe8FsF4CyCLfASCELfQi29MMM9zv66fJIVqnIY7nIYPnK:NxrrCiVffJS+3KT3PLp73g
Score

3^/10

discovery
behavioral10
- Target
  
  Setuv6.9.86/V6.9/040b.ui.strings
- Size
  
  9KB
- MD5
  
  0a88f842daa2de8b94aa099d81e23d17
- SHA1
  
  206210e83092544fc570f029e3113d96b0450b24
- SHA256
  
  3d1600a1e73b56fc03b16c359441468a3c2f4f4771174caab3ddc85039f1b7b6
- SHA512
  
  4bfbe8ef4bf073ac8dc995a09c638fa5ace4da6675d407ed0a86d5109ae3af279bd051d67b1ea934b59420ecf2b2e49f9d7531a685d076d255fba3327be5009f
- SSDEEP
  
  192:hhnrV//tZzaicy9ZRq0G8QnAjaQvFmEDARpkakYgws90crBOdrOD:FFKy9ZRGtAjwR6H
Score

6^/10

discovery
- Drops desktop.ini file(s)
behavioral11
- Target
  
  Setuv6.9.86/V6.9/040c.ui.forms
- Size
  
  6KB
- MD5
  
  192b2471d4913ef18d648890a98207d3
- SHA1
  
  3836e7833745ee2b5fea372b73132303eae54e62
- SHA256
  
  30acca5d175cb03d3acf39482eba243012870d072ac634226fbdcb8dfc5d1dc0
- SHA512
  
  5f6e631d00d4fd1f0613be323879ca1bd79e468f03baf3b1460c33dd4a19ca2a1e97d0d10f1476486b3f2c4e0093d2f02b4507b51cb8b73b0e19e07d754176d3
- SSDEEP
  
  96:9xMrCiVffJOaGp1Ic1TTz9lELR/RbRVR5M4YP:9xMrCiVffJDvVxzEP
Score

3^/10

discovery
behavioral12
- Target
  
  Setuv6.9.86/V6.9/040c.ui.strings
- Size
  
  10KB
- MD5
  
  4a1993ac83570268ae11ee1879263a19
- SHA1
  
  42adef3ddf560fe8f4387a040d092fb1b4c84033
- SHA256
  
  015b2337f6348ec810bdf06a68759dab7c1fc0543421784fdb956b1b3e27e5fe
- SHA512
  
  f0ba640f1ec036d6ef1ea8954df7b04e920ff207d87cb11c134a50b9842709f5da0f30b3e257e9df99138861567f586567c638bb89057cca0e317e452c4be0d4
- SSDEEP
  
  192:TMYp4g5z9WkoTmvlkzLMjQXE2fs8gdOlOD:gqrWkIm2Lc1
Score

3^/10

discovery
behavioral13
- Target
  
  Setuv6.9.86/V6.9/040d.ui.forms
- Size
  
  4KB
- MD5
  
  a2ebb9e8f6bf8db4f47bd69578283532
- SHA1
  
  c8784a4a2f21ee001dd0ca11cdd1dcb6a1995ea5
- SHA256
  
  4c6e5568e57ee199f924ca008cc9708d657db81f36eba379115e311fbf42d6a5
- SHA512
  
  8625718c0ef01cfb4d78adef0d9dbf2f30e1d1f1a95945061dd4a868080908dca255108bb350c06793504a7fcbae18ffde4525d86b673397269911a4e77cfb14
- SSDEEP
  
  48:cMxaqGpe3O34C4CLtA6COLtQi2TMZZIJqFbXarLAb:pxPGmst
Score

3^/10

discovery
behavioral14
- Target
  
  Setuv6.9.86/V6.9/040d.ui.strings
- Size
  
  11KB
- MD5
  
  7660d8adec2934ff590edda344a3c5e7
- SHA1
  
  94d611c2fa3d1f5ffa08232dda10f22e317cf4f3
- SHA256
  
  35601c7fa60df8dd79c1c4433da9babbdeb833f50e7eb18240f88cbbd7027cfc
- SHA512
  
  4556bb801643767b4c301dc662d18fe553b95e6a711b2b7bcb295440e9e1282f0f76c9c79f64dd0804acd28251af615fbd9afd90262de26f5434212b9631c95c
- SSDEEP
  
  96:qhXR563YqA0KDRbms3i16DXA2UB5jb511oUWywtiHOCELE2scM5pWOPOD:eh56ytRdojN11dwtiH5EA/cMvWOPOD
Score

3^/10

discovery
behavioral15
- Target
  
  Setuv6.9.86/V6.9/040e.ui.forms
- Size
  
  4KB
- MD5
  
  df1bacadadf868d442275f8242b0ec50
- SHA1
  
  84b4a86058b26acb5016f6bf6cebf43c302c3125
- SHA256
  
  6f4cee9e3f1674f260f63294ab208731a4b889cb09ac39b1e3e4a59e081a88cb
- SHA512
  
  6b6262079598366f69e9a798a7daa62e88292532c3e33ec476baaaf64e13fa5193200dc368839701383a68e598cdb59a7bc35f76b1b15dd3e15e2341252df0aa
- SSDEEP
  
  48:csxJDHPG/G4CJCLMAeClLMQi2qMKVzjInIaPL6g:RxJW2Y
Score

3^/10

discovery
behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16