lumma | 8cdbf4c71eccc7065c76b28cae6df27e3967d9c660852399af837735a0060d69

Sharing

Copy URL

Twitter E-mail

General

Target

EcheIon.zip
Size

56.1MB
Sample

250112-e311xsymdq
MD5

52ccdaefd042307bbd1b2f53155aabc2
SHA1

675a7321f6f3291352926eaa550711d9cc71f6b0
SHA256

8cdbf4c71eccc7065c76b28cae6df27e3967d9c660852399af837735a0060d69
SHA512

2b0bb561619c520c97a5cf9b16aaefa402af2a69a56d77562478847443aafa4aa0312555290d6d7a14e4d31cb35e03ab8ef7148fa4d7ecfd8dd02f3db70b9940
SSDEEP

1572864:R3i5dzVOsoNxmP6E7IALTK/D0Y0TBIH3adpnkK5zWuiK1:RS5dzcNgyzAi/DyTBwODl/iK1

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  EcheIon/Configs/main.dll
- Size
  
  4.7MB
- MD5
  
  96d2a1bfbe79b68678b78017bf4ca532
- SHA1
  
  c61e6222a42d858ab329eb5e0930b5274256c69d
- SHA256
  
  5e97d896a427313467f598567f4dd60afc891f6b516faf3fc8d6379a7df40de4
- SHA512
  
  0bc8ef5742d395692468d56966c3c9e640dbb34dcaf9922825067a69dc92f90574078553f3c2fb0052bce951939b869e19ab686470064422ffa9c7586c081bf6
- SSDEEP
  
  24576:ab5Wyc+GYmc0guuEtMQxmbW0dH580xYIwzO0Zzp:ab8ysYm5ax580/wK0Zzp
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  EcheIon/Configs/menu.dll
- Size
  
  12KB
- MD5
  
  c9c78c96cd57e682cc633df02483bdef
- SHA1
  
  5bcaf1dd505842e05e6b7f603c52d180b0e4f9cb
- SHA256
  
  8e1254cd6d363eb52633d7591ed8fed6779067370c52784814acf09a5a485ade
- SHA512
  
  936156cf8fcd0a2823621a20ac52a9f60672554bed43657c518eb1882b66b7f660d6c6de4b9d58aff3c07334c2a9ba214bad25c2d19c6d0db2e29821c945b148
- SSDEEP
  
  3:dLQt:Jo
Score

1^/10
behavioral3 behavioral4
- Target
  
  EcheIon/Configs/up.dll
- Size
  
  45.7MB
- MD5
  
  96b46f6f511442e7a1b5daa125ced491
- SHA1
  
  337f4b6d92b567c30b90de1666f8adb32b457ee2
- SHA256
  
  5546076ae6554a76b243471a4a3c3d002ef80b7504282c05c2a4fb923c8b77fd
- SHA512
  
  e5b359cac7eaaf7255734a86e562706061ed133c09b3ca6a54c3aa2cdae36e60e8766b38dc4d31ca74bff768f6a4a63e90baeca10e64ce7819927effddd6686e
- SSDEEP
  
  24576:ab5Wyc+GYmc0guuEtMQxmbW0dH580xYIwzO0Zzp:ab8ysYm5ax580/wK0Zzp
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  EcheIon/Configs/wh.dll
- Size
  
  5KB
- MD5
  
  486366059a498e9d3387ebd7d3dd5042
- SHA1
  
  e55ebf34fc3e7d5cd3d7d9546280a4c5e6a66c6c
- SHA256
  
  41b9d92d0c4e2fba1ae94c2807a9442e1bddfceeb0332779ec6c29d54a159a0e
- SHA512
  
  e75088143888a5ee8ccb37c56dba374670841b54715da705012a7f5f3fbe21bcb203ec73485de66106f556a8437f3ffb9d0b052d0774cec476206c4e347166ce
- SSDEEP
  
  3:5q:U
Score

1^/10
behavioral7 behavioral8
- Target
  
  EcheIon/Core.dll
- Size
  
  2.8MB
- MD5
  
  3f79f1b8c67a57c6f87487de138ccd3b
- SHA1
  
  1ad50e59bc40464ca378e823745a69e1f6ed443b
- SHA256
  
  53d32aa885f04f1fe0a3594298b8ae05540c826c5b4ba4720944e2b91d8b7608
- SHA512
  
  6b2dbcf2bb2e7d6af0b6314409cf6c943174281318d264ffec79f10648d44eaf48262b50e139d57fdae93a4ea6409f343451feb11969ce4b7e3bd543bdfaac45
- SSDEEP
  
  3:KO:P
Score

1^/10
behavioral10 behavioral9
- Target
  
  EcheIon/Data.dll
- Size
  
  24KB
- MD5
  
  686c625fbfad9db37a93a8ec5324b247
- SHA1
  
  7558d93cc345e135afc31122618c034c7cb7248a
- SHA256
  
  559ebc6a47f70380a9f8935d506d083e4867ccfad0370858089fdb79ff52cd22
- SHA512
  
  6baba5bef9019383ff77fe65627f70103aacb9954f1d68db6aec64a9ae0784b5fe31a9884f716b61fe8dd850739bdfa9f4bac8551226f124a581399e59f26a1b
- SSDEEP
  
  384:L/AAaFiTCmM82SuxDJQfWaFWsZTb2HRN7nR3I15DNR9zQ1Bt:DpaFiTCm0DJQFT/inWr9z8Bt
Score

1^/10
behavioral11 behavioral12
- Target
  
  EcheIon/Drawing.dll
- Size
  
  40KB
- MD5
  
  3914e5d98945a34651a6f4bf003136d8
- SHA1
  
  debaa7d57086ebe0c11df6ee520cd78a9109bfa0
- SHA256
  
  75cc3513dad447d94e278452a4c23582356cf127f2f290f915655742f4dd4f72
- SHA512
  
  0a72e64f022613386802b6110d3b38e0235867cfd657f4a691e7cc841ce9c467539be8d94ffb383637674980c795c2c65fbed301091eed31c6db364869592cc3
- SSDEEP
  
  768:Zz0jGGEMWk8TycxOMZz0jGGEMWk8TycxOMn:vlZNTyM3vlZNTyM3n
Score

1^/10
behavioral13 behavioral14
- Target
  
  EcheIon/Echelon.exe
- Size
  
  2.8MB
- MD5
  
  744d976d5410b66062c88e5f91c957c7
- SHA1
  
  28475d40bdc8522f23d7e20c156f87db0ca6ac1c
- SHA256
  
  9826dac19113485c882821fe767407955dc8eec684a362f56e05133dd1047c53
- SHA512
  
  8d1d8e4cb92e6383510f44db1c79ee5d68d936397025685925c6a9418eb9b7518e5473f908c3ce8de4f0e8e672dabc21da6c1d089b402aa570216ae0eca2a380
- SSDEEP
  
  49152:9g2qPtc1e5OS7bPGoUl+x/grN4azvchYk2AWcAP3l:9vqPCnrN4azvSYFcgl
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16