lumma | 094d7b004fb3211cf02bce291a63af6347e80e05a44f1ad206f9414ad2e647a8

Sharing

Copy URL

Twitter E-mail

General

Target

redesigned-octo-adventure-main.zip
Size

825KB
Sample

250110-cb4avsxqb1
MD5

e9403212046445b433b541db38080593
SHA1

5556253da0146d299765ab8b5352d86cd5378d33
SHA256

094d7b004fb3211cf02bce291a63af6347e80e05a44f1ad206f9414ad2e647a8
SHA512

729cbeb0596cab65358b60b1a012becb1eebfccf99fbd50e0f7c6b10951175b8d49075320222d82f5dd701994003fcb48aff1399158c51f4417494b11223dd48
SSDEEP

24576:sTtr6S1ZtGoArYQDmlKxzA03TrcSnxtGWMrYGhkJKbzC/u:spnZtoMQDPzDPnxtqMGhfz0u

Score

10^/10

Malware Config

Extracted

Family

lumma

https://powerful-avoids.sbs/api

https://motion-treesz.sbs/api

https://disobey-curly.sbs/api

https://leg-sate-boat.sbs/api

https://story-tense-faz.sbs/api

https://blade-govern.sbs/api

https://occupy-blushi.sbs/api

https://frogs-severz.sbs/api

https://property-imper.sbs/api

Targets

- Target
  
  redesigned-octo-adventure-main.zip
- Size
  
  825KB
- MD5
  
  e9403212046445b433b541db38080593
- SHA1
  
  5556253da0146d299765ab8b5352d86cd5378d33
- SHA256
  
  094d7b004fb3211cf02bce291a63af6347e80e05a44f1ad206f9414ad2e647a8
- SHA512
  
  729cbeb0596cab65358b60b1a012becb1eebfccf99fbd50e0f7c6b10951175b8d49075320222d82f5dd701994003fcb48aff1399158c51f4417494b11223dd48
- SSDEEP
  
  24576:sTtr6S1ZtGoArYQDmlKxzA03TrcSnxtGWMrYGhkJKbzC/u:spnZtoMQDPzDPnxtqMGhfz0u
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  redesigned-octo-adventure-main/Installer.zip
- Size
  
  412KB
- MD5
  
  5834c5c8dd382279552b402485972724
- SHA1
  
  01f819fd1373406192f37d81b67616e2635b9594
- SHA256
  
  f6b83968459320e6ba12dab92d4b2d7bd8c28d435e2eebcabbb45f536e446d27
- SHA512
  
  7cfd8e00b2241f743c390fa35188555fba8960f50bddc46b1f8771881ac395025eefb0f8146481233518d2d16b99adc1556dc9ed38ae452338391f4c8837fd7c
- SSDEEP
  
  12288:6sKtssrqSOa/KZQtGWhsrYo/2rKjiTjKLHzwzAsco:6pfrqSF9tGWWrYo/+PKrzeKo
Score

1^/10
behavioral3 behavioral4
- Target
  
  LunarLauncher.zip
- Size
  
  412KB
- MD5
  
  0c6c2bd569017a792dfd2c8504fc3dd4
- SHA1
  
  8c8071e73173ed947f4b53c5afba90988f2693f8
- SHA256
  
  b46a7d1748d47539dee5335ba439543be73b086b532d2aa9a3b6a28ad69c1782
- SHA512
  
  8c29296fac57523fd4a3fc31401a696b6d5cddbb2ec934bb2f97ac3f203c8d6b218995fd60dc9d4c55cb9c427a2771a566d588e1d301898293f3f990e5697fdc
- SSDEEP
  
  12288:BsKtssrqSOa/KZQtGWhsrYo/2rKjiTjKLHzwzAsc9:BpfrqSF9tGWWrYo/+PKrzeK9
Score

1^/10
behavioral5 behavioral6
- Target
  
  Info.txt
- Size
  
  71B
- MD5
  
  56caf5948d88263d8a2fc5ed18223125
- SHA1
  
  60e7fced565b151ffd253d3efe959b92c25efd92
- SHA256
  
  660fc9fe88879d3a3c32f772af4f6497563de9f228d43807248c517f451b2185
- SHA512
  
  c056ee862a59c10924c7c473bfff29f1a370b81a2a4b966a083b05415000b5283adc327517422ccde17ae616b35c38672b75a2e2a4cfd831cac8b76f78a6da88
Score

1^/10
behavioral7 behavioral8
- Target
  
  redesigned-octo-adventure-main/LunarLauncher.zip
- Size
  
  412KB
- MD5
  
  0c6c2bd569017a792dfd2c8504fc3dd4
- SHA1
  
  8c8071e73173ed947f4b53c5afba90988f2693f8
- SHA256
  
  b46a7d1748d47539dee5335ba439543be73b086b532d2aa9a3b6a28ad69c1782
- SHA512
  
  8c29296fac57523fd4a3fc31401a696b6d5cddbb2ec934bb2f97ac3f203c8d6b218995fd60dc9d4c55cb9c427a2771a566d588e1d301898293f3f990e5697fdc
- SSDEEP
  
  12288:BsKtssrqSOa/KZQtGWhsrYo/2rKjiTjKLHzwzAsc9:BpfrqSF9tGWWrYo/+PKrzeK9
Score

1^/10
behavioral10 behavioral9
- Target
  
  Info.txt
- Size
  
  71B
- MD5
  
  56caf5948d88263d8a2fc5ed18223125
- SHA1
  
  60e7fced565b151ffd253d3efe959b92c25efd92
- SHA256
  
  660fc9fe88879d3a3c32f772af4f6497563de9f228d43807248c517f451b2185
- SHA512
  
  c056ee862a59c10924c7c473bfff29f1a370b81a2a4b966a083b05415000b5283adc327517422ccde17ae616b35c38672b75a2e2a4cfd831cac8b76f78a6da88
Score

1^/10
behavioral11 behavioral12
- Target
  
  redesigned-octo-adventure-main/README.md
- Size
  
  535B
- MD5
  
  207abbceb43625f736b5867c28116efb
- SHA1
  
  fb9efdb30ce2e032010bf7005d49d593ec9c0bb7
- SHA256
  
  d09eb7e2f5e1e94d5f5416fd3a8515edcfedd80b963816e2bd24d1d29dc5a162
- SHA512
  
  042480a0b1725d806a69b58197435d7a0e6b750077feaca66cc53db894ad6de70750e0dab6583bf5ec03d9dbef08d9433385ba6b09d373521d2efdaa14a1567e
Score

3^/10

discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14