lumma | 38e4a29ab9f16e4fa94d66b4d4e8f43a24872da912a3bdbd341e0ef21616b576

Resubmissions

12-01-2025 13:59

250112-ran7waxpaj 10

12-01-2025 13:48

250112-q38asavke1 10

12-01-2025 13:44

250112-q114paxlan 10

12-01-2025 13:37

250112-qw2jnaxjcl 10

Sharing

Copy URL

Twitter E-mail

General

Target

AxoPac.zip
Size

151.2MB
Sample

250112-qw2jnaxjcl
MD5

0dba64071e747e29fa9cf49c0b1c49db
SHA1

aeb1db90861e0b24713be3c0db292b58ca1858d9
SHA256

38e4a29ab9f16e4fa94d66b4d4e8f43a24872da912a3bdbd341e0ef21616b576
SHA512

b672a815d51172803281a2660f1e768021e7ca8c3504a1ab69c8e0da434e1a36ecca68193a5fc149052421271fe21e3b7345fc037dfbbef2dffbff3253dd935a
SSDEEP

3145728:Bq9V3ZOHG1pl1t3e50qZ04swW48GnGXB2/+rNPfOxeVf0dL:Bq9V9J3e506f7WxGnGXB/vC

Score

10^/10

Malware Config

Extracted

Family

lumma

https://reinforcenh.shop/api

https://stogeneratmns.shop/api

https://fragnantbui.shop/api

https://drawzhotdog.shop/api

https://vozmeatillu.shop/api

https://offensivedzvju.shop/api

https://ghostreedmnu.shop/api

https://gutterydhowi.shop/api

https://contractowno.shop/api

Targets

- Target
  
  AxoPac.zip
- Size
  
  151.2MB
- MD5
  
  0dba64071e747e29fa9cf49c0b1c49db
- SHA1
  
  aeb1db90861e0b24713be3c0db292b58ca1858d9
- SHA256
  
  38e4a29ab9f16e4fa94d66b4d4e8f43a24872da912a3bdbd341e0ef21616b576
- SHA512
  
  b672a815d51172803281a2660f1e768021e7ca8c3504a1ab69c8e0da434e1a36ecca68193a5fc149052421271fe21e3b7345fc037dfbbef2dffbff3253dd935a
- SSDEEP
  
  3145728:Bq9V3ZOHG1pl1t3e50qZ04swW48GnGXB2/+rNPfOxeVf0dL:Bq9V9J3e506f7WxGnGXB/vC
Score

1^/10
behavioral1 behavioral2
- Target
  
  AxoPac/ASP.NET MVC 4/Packages/EntityFramework.5.0.0/tools/migrate.exe
- Size
  
  127KB
- MD5
  
  2e33b7b2f9ccc8d9819b5cff9b7df50d
- SHA1
  
  e8b56a75fbc3fb8066dc71814b8a3420b7c4141a
- SHA256
  
  741f083ba6be47568fdef19d1282e619b9ed075852233333e09c437643baefdd
- SHA512
  
  8189b564fb2206affdf3c05dfd2bb800c8df2174fb6accc7aac8a3502c5b9f83a86812293c7fd87c2b4e126a1f6bdc105f668e698347f8b25768129086df9679
- SSDEEP
  
  3072:sKUjmd6IFhYc8HrHZsHrZa6Igy5R6/8cpqZYEqb7d9zeG0pJ:sKUJIF2ZHrHZsHrZa6Igy5Re8cpqZYEP
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  AxoPac/ASP.NET MVC 4/Packages/WebGrease.1.1.0/tools/WG.exe
- Size
  
  1.0MB
- MD5
  
  b381f251ee60cab095f14ba01610058e
- SHA1
  
  d476595a65897fd9bdc30267bc616a27ef215e72
- SHA256
  
  b4633aa209ab30dc0a60e7db1ba9d2b591b5ac6c3bd490353412b6a51ca0972f
- SHA512
  
  ada5ab53556acdc4d4918f19d29b48e22f3090c4225303afb99d1fc5ae73f45a77b5247ba4c7a39a4e44f9ddaaf559f292f1e49e60bbdaaf816e2647384cc97a
- SSDEEP
  
  12288:jc6RIHDEBApQcYmK9yIfu6gHfQjACAd9W6j1vX4CMcU232:jAHDH/K9yiubHyAd9W6xvX4g
Score

1^/10
behavioral5 behavioral6
- Target
  
  AxoPac/ASP.NET Web Pages/v1.0/WebConfig/WebConfigCA.exe
- Size
  
  14KB
- MD5
  
  9cfde9ea0729fd12649a4d5f1594d241
- SHA1
  
  3dfb6a5186d94b764106c990ad78a8642beecc2e
- SHA256
  
  0434cf0836288f336f344978716915425353896ed8dd422d23e63a4637d5bc0b
- SHA512
  
  017862a6c82bc2d294b42eb07dca7bbba2b98f61f41c89e1d899aba1449210b160a1bb117030f3b4da5cc7fd483774bd983b08a1a7edd0f43058ddc47d2b2c9d
- SSDEEP
  
  192:hgL24wXkY9zEPNh3V7PWmBWeaYQKPnEtObMacxc8hjXHUz1TrOuYXC1:hgL24wXk+zObFPWmBWe5LXci2jXHUF
Score

1^/10
behavioral7 behavioral8
- Target
  
  AxoPac/Installer.exe
- Size
  
  322KB
- MD5
  
  fea4388761569e59cc513d1403ee16c6
- SHA1
  
  8a94f6eaf29afbdd1b52b198378e643af49db90b
- SHA256
  
  9a72d961c46dc5015fc4e95e528672561faf983ae7db77166588488020e06e87
- SHA512
  
  8b6018ff3c8f82b9195b839494811d84c6e03fdc03b38f7b2f99f0c14f789db55c31a0fe6f7e4f2c01a985d33c059baaf455af59a77be3306283f66f11e021a4
- SSDEEP
  
  6144:jZEOO3bEGwA54OxVqgMWnqtLdzqyNP1vUnDFTGK9ImvlJkgWCY:jZlGAGN54cVDnqVrcFTfvlJ7WCY
Score

5^/10

discovery
- Suspicious use of SetThreadContext
behavioral10 behavioral9
- Target
  
  AxoPac/x64/bin/jabswitch.exe
- Size
  
  30KB
- MD5
  
  530d5597e565654d378f3c87654ccaba
- SHA1
  
  6fac0866ee0e68149ac0a0d39097cef8f93a5d9e
- SHA256
  
  0cfaa99ae669ddc00bd59b5857f725dff5d4c09834e143ab1b5c5f0b5801d13b
- SHA512
  
  d7520a28c3054160fcd62c9d816a27266be9333e00794434fb4529f0ff49a2b08e033b5e67a823e5c184ee2d19d7f615ff9ee643fe71c84011a7e5c03251f3b4
- SSDEEP
  
  768:+HhfWinfwUFAvnb5TIUX+naSOu9MQQ5jhC7EY:cuin5FAvNTIUX+nbMQQ54EY
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  AxoPac/x64/bin/java-rmi.exe
- Size
  
  15KB
- MD5
  
  cf2f023d2b5f0bfb2ecf8aeea7c51481
- SHA1
  
  6eb867b1ac656a0fc363dfae4e2d582606d100fb
- SHA256
  
  355366d0c7d7406e2319c90df2080c0fae72d9d54e4563c48a09f55ca68d6b0c
- SHA512
  
  a2041925039238235adc5fe8a9b818dff577c6ea3c55a0de08da3dedd8cd50dc240432ba1a0aea5e8830dcdccd3bfbf9cf8a4f21e9b56dc839e074e156fc008d
- SSDEEP
  
  384:GpsbHnDiW6gejmSHhV8cGees7snYPLr7Wj53:GpsbHn/HS/8cresgC743
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  AxoPac/x64/bin/java.exe
- Size
  
  186KB
- MD5
  
  e3e51a21b00cdde757e4247257aa7891
- SHA1
  
  7f9e30153f1df738179fff084fcdbc4dae697d18
- SHA256
  
  7e92648b919932c0fbfe56e9645d785d9e18f4a608df06e7c0e84f7cb7401b54
- SHA512
  
  fc2981a1c4b2a1a3e7b28f7bf2be44b0b6435fd43f085120946778f5c2c2ca73ad179796dec0b92f0c6c8f6b63dd329eecc0af1bb15392364c209dcf9cd6f7ca
- SSDEEP
  
  3072:iUJiEoGLsncZizZQ7QBdCPdG3TBfMzrjZqMNGSplN2:iUJsnVzy7QBdC1G3TBEvFp6
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  AxoPac/x64/bin/javacpl.exe
- Size
  
  68KB
- MD5
  
  c2a59c7343d370bc57765896490331e5
- SHA1
  
  a50af979e08a65eb370763a7f70cdb0e179d705d
- SHA256
  
  40614fe8b91e01ad3562102e440bdbf5fac5d9f7292c6b16a58f723bfffe6066
- SHA512
  
  ca266f1b2e51f66d119e2d71e3377c229a3d583853ffb606c101afeb41689ace7d1f1594781091da67f9be9d09f3019bf048c0f819777e8f1827a56beec252c4
- SSDEEP
  
  768:jFVfr2k521ZnrawwMmqPXt+rP3b/9/YMCxx0OpPOrEE14EVHLAuDeGJiqrmehiV9:PxioMmqF+2x0MORLVq7qjh3rmKPNpwGg
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  AxoPac/x64/bin/javaw.exe
- Size
  
  187KB
- MD5
  
  48c96771106dbdd5d42bba3772e4b414
- SHA1
  
  e84749b99eb491e40a62ed2e92e4d7a790d09273
- SHA256
  
  a96d26428942065411b1b32811afd4c5557c21f1d9430f3696aa2ba4c4ac5f22
- SHA512
  
  9f891c787eb8ceed30a4e16d8e54208fa9b19f72eeec55b9f12d30dc8b63e5a798a16b1ccc8cea3e986191822c4d37aedb556e534d2eb24e4a02259555d56a2c
- SSDEEP
  
  3072:lScg0xvhTZNIs3Ft+STckCBQo3C0Y22vncTBfsO9jZqMN3cH1Tefqk:lSclI6nTc3BQo3C0YHncTBxvs65
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  AxoPac/x64/bin/javaws.exe
- Size
  
  263KB
- MD5
  
  f8211db97bf852c3292c3e9c710c19d9
- SHA1
  
  46dad07779e030d8d1214afe11c4526d9f084051
- SHA256
  
  ecf4307739ca93f1569ce49377a28b31fe1eb0f44b6950dbaafa1925b24c9752
- SHA512
  
  b3e20eeca87136cae77f06e4149e65ebfef71a43589f7e2833008fe43811a2bc8b6202b6adb5ce122a1822e83ce226b833def93a2b161476bd5b623794e4f697
- SSDEEP
  
  6144:Fp9B0qT85g5Sq+VBY2qVLC2wH5rM8HoQvlHO:5uqT85sSq+ERVm2wZEQvlHO
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  AxoPac/x64/bin/jjs.exe
- Size
  
  15KB
- MD5
  
  4f11d43aa2215ce771da528878f01c8e
- SHA1
  
  8062681d73489ff200ca0ba426ff1ff3f44494a7
- SHA256
  
  0d554cd4b373d6d9b9c179a468d179388706c0bde4d878ed75ef575651588b3c
- SHA512
  
  34cb271c32fb479cfaeec536a5d35a41730e90001d67dc9db595db240a1f58c3bf12334bb5cde7673c8e56a4c272bfbd66e4eacdee0082f6fd583e4e039ec540
- SSDEEP
  
  384:GpsE5cnm6ObmSHhV8j0eeq4SziahnYPLr79OOu:Gpszn6iS/8jxeqfhC78Ou
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  AxoPac/x64/bin/jp2launcher.exe
- Size
  
  80KB
- MD5
  
  5f85f7f2dfac397d642834b61809240f
- SHA1
  
  eca28e8464208fa11ef7df677b741cdd561483d9
- SHA256
  
  b71e00adb77d87882d58993a5888955bdd62c57d364f60aaa0fa19d32a69c9da
- SHA512
  
  2bfe9fce450e57ea93deeaa85a746cb17ba946eeff866f10d67c74f7ea038b16910e0d8ef29e9f358af7daabd45e3983c370fef82a9647546819dcde3aee45bc
- SSDEEP
  
  1536:ez2dfBusTTkMffX+xR5kdt94u+508AqDfJOqsbCkq24maADX:kE5u+kkX+P+dt9O08JJOZXX4nADX
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  AxoPac/x64/bin/keytool.exe
- Size
  
  15KB
- MD5
  
  9a4cf09834f086568df469e3f670bf07
- SHA1
  
  594c4e0394475a6299c79e3a063c7d5ae49635f3
- SHA256
  
  709e9e544434c52285a72f29ad6b99ce1e7668545f10ad385c87abf34d2052bb
- SHA512
  
  cd551e7944461f3288b880b9d161f19f97eb4599a3a46cc93c4172b5112960fb0c040b9996f13cf0761fb85a283e2f20944135ec59660c807a59b29cddc44586
- SSDEEP
  
  384:Gps45cnQ6DmSHhV8r0eeU4Szi6nYPLr70aG:Gpsnn4S/8rxeUvC7RG
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  AxoPac/x64/bin/kinit.exe
- Size
  
  15KB
- MD5
  
  4de6bfe6ea98bc42a5358ed8307107b2
- SHA1
  
  8f687e60784fd9046a361dc1dc85d43051cbd577
- SHA256
  
  7c07d167aa4a23ab64a205301663c87e578ff6b31985df8b51af80ca6999176f
- SHA512
  
  8091aadeacad1dac5191ebb996d1e4be25a19c10a4e76f79ab7ea2a592711fd39aad7e89d7dee09385296aa7a649aabfa7c325c4a627afe1c009c906709edb5a
- SSDEEP
  
  384:Gps45cnk6LlmSHhV8i+ceek4SzS+nYPLr7wd:Gpsnn5AS/8jZek7C7wd
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  AxoPac/x64/bin/klist.exe
- Size
  
  15KB
- MD5
  
  ca17b8cbd623477c5d1d334b79890225
- SHA1
  
  2bfc372a28ede40093286cda45003951a2ce424f
- SHA256
  
  a7ac47ac8518e2d53575e12521b3a766a5e2ee4133c6c6ab9ae1c3c6777f5e77
- SHA512
  
  d9ddf3e67b9a4e0197d271243623d4df8a26a35ec2f5195ab316e910e133ba09c70f6d28e7ca69184e4ababcf063c014d7a6e6ea48f82382b316864a945175c5
- SSDEEP
  
  384:GpsJ5cn66FmSHhV8Teeek4SzSgnYPLr7mpB:GpsUngS/8TDekdC7yB
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32