lumma | 29081253537f8c90e40915430d712693ceb7cc941718f53395708067e142a041

Sharing

Copy URL

Twitter E-mail

General

Target

Launcher.zip
Size

5.4MB
Sample

250117-agylfswnhk
MD5

ea53a93adfdc278cbb2833da129a7c53
SHA1

eeaf613d6942b304f9b8465cbcbdbbc547b0d8be
SHA256

29081253537f8c90e40915430d712693ceb7cc941718f53395708067e142a041
SHA512

c1dbef4bfd93a0e031e1e52a63503989cb417b5065d830d22fb945b8a74d0d9206feef556cd670840a8c05c0892a595f57b7af869d559c1e92de29c703f216aa
SSDEEP

98304:HZBaPN7PKSKU/MFmiTi7ml+zXbcbBiLnCcKfrJ9bGug9Tsv1ipCa:HZc1KFmiWk+k0zCc2G39TsI

Score

10^/10

Malware Config

Extracted

Family

lumma

https://hummskitnj.buzz/api

https://cashfuzysao.buzz/api

https://appliacnesot.buzz/api

https://screwamusresz.buzz/api

https://inherineau.buzz/api

https://scentniej.buzz/api

https://rebuildeso.buzz/api

https://prisonyfork.buzz/api

https://mindhandru.buzz/api

Targets

- Target
  
  Launcher.exe
- Size
  
  549KB
- MD5
  
  b567773e39406bbefea1caf067c13c00
- SHA1
  
  52725d26ddf962f6a595caaf358cfccbcab6d998
- SHA256
  
  164d0014d7bf325ef3bfb77a851fac902d547eca3e2d2eb8c1e1ea0993fe0d09
- SHA512
  
  cbf212060e2b0da7e23a2d633cf7dc983025e17cf32afdee54d8f4831460434d248d23ae75d883128feaff66df9a4503eebf814174af1fdf2656eb52f789445e
- SSDEEP
  
  12288:Liiy2LA/I0xusciua5z2NEpYBRupKm7BfHgq155ppbdGax1Ou75vunMGZa+IANcD:Liiy2LA/I0xusciua5CNEpYBRupKm7Bj
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  libffi-8.dll
- Size
  
  38KB
- MD5
  
  0f8e4992ca92baaf54cc0b43aaccce21
- SHA1
  
  c7300975df267b1d6adcbac0ac93fd7b1ab49bd2
- SHA256
  
  eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a
- SHA512
  
  6e1b223462dc124279bfca74fd2c66fe18b368ffbca540c84e82e0f5bcbea0e10cc243975574fa95ace437b9d8b03a446ed5ee0c9b1b094147cefaf704dfe978
- SSDEEP
  
  768:NiQfxQemQJNrPN+moyijAc5YiSyvkIPxWEqG:dfxIQvPkmoyijP7SytPxF
Score

1^/10
behavioral3 behavioral4
- Target
  
  libssl-3.dll
- Size
  
  768KB
- MD5
  
  19a2aba25456181d5fb572d88ac0e73e
- SHA1
  
  656ca8cdfc9c3a6379536e2027e93408851483db
- SHA256
  
  2e9fbcd8f7fdc13a5179533239811456554f2b3aa2fb10e1b17be0df81c79006
- SHA512
  
  df17dc8a882363a6c5a1b78ba3cf448437d1118ccc4a6275cc7681551b13c1a4e0f94e30ffb94c3530b688b62bff1c03e57c2c185a7df2bf3e5737a06e114337
- SSDEEP
  
  12288:ytPc2nnGoNg4kSHoxX09yO5EavUFe9Xb12:y9jnnpTHoxXUsFe9XbM
Score

1^/10
behavioral5 behavioral6
- Target
  
  python312.dll
- Size
  
  6.7MB
- MD5
  
  550288a078dffc3430c08da888e70810
- SHA1
  
  01b1d31f37fb3fd81d893cc5e4a258e976f5884f
- SHA256
  
  789a42ac160cef98f8925cb347473eeeb4e70f5513242e7faba5139ba06edf2d
- SHA512
  
  7244432fc3716f7ef27630d4e8fbc8180a2542aa97a01d44dca260ab43966dd8ac98b6023400b0478a4809aace1a128f1f4d6e544f2e591a5b436fd4c8a9d723
- SSDEEP
  
  49152:mz0oCxOqKWneF3o1VLCClOTNRpaOviXEYWyb3eOYTvuFsx/iac84YNFXiTlv5WF4:mooCcqKLHX+az2Ro8Kv7HDMiEB/
Score

1^/10
behavioral7 behavioral8
- Target
  
  resource/scripts/vscripts/_items.nut
- Size
  
  411KB
- MD5
  
  5fa2f4f4aa23f69965e9f1cd6e5a5ba2
- SHA1
  
  49f54a067f01f06e785a91d1240aac7705a7e479
- SHA256
  
  28cd4b31ae100c3188fe324de04611315c127e70010d4a750da46c105bfad92d
- SHA512
  
  07606a5f0c04560d4bd42f0d878520ddb7d2eed48384ac46f1e6dc0c82854f293fbd9338d8e1ee4151ed064922d8410887abbb722fd0d586d9353f800809168c
- SSDEEP
  
  6144:SnXh9tDZngabFboarZnYG/nNQ67FzYmTx3cGTB3YG5JnNE/d/CXtX615jmNdl8nD:WwOav/zwAlHVtG6F
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  resource/scripts/vscripts/sp/cl_pilot_speedometer.gnut
- Size
  
  982B
- MD5
  
  5bf7669661a2ba4e234bcbb3835ed48d
- SHA1
  
  aee91fdc19aca051def3db35559c49024b8adde9
- SHA256
  
  1a4ec84dc9aa9d5767dda19bdfad87a265bd79e9aa01a2102dd90913da36b6a2
- SHA512
  
  25f8bfecc7546eab9e89d6d34cee163868e9d71cb2b540be8ee6373dd663a50e0f949892b0b344894c8a56742a889b58f57641da7882c6135c1a02f23c1d3c73
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  resource/scripts/vscripts/sp/cl_sp_hud.gnut
- Size
  
  7KB
- MD5
  
  ac771321dd3ee2a03a6aec4648ebaa81
- SHA1
  
  751752c185a4ba47c7963f14526a1d3501684a4c
- SHA256
  
  91b3ece4da76c74de06b0a8310586405b6dcd2ef092e29eeddef3cbc96019dca
- SHA512
  
  8c84823603822a6be4c3f731b6bf69b22360d7de88acb4e2a2e838b674052be0b6cdd71f4cab071dd9f9bac90c8ec40cc4323b1162e4f158a6b54b355abdeb99
- SSDEEP
  
  192:0Q56Cw1QaccA9uqM7Kp/wF6AoqA3fZunvrwy0jXTYN:0Q56Cw1fccA9ubq/k6BZ3fZuvrwy0jXU
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  resource/scripts/vscripts/ui/_menus.nut
- Size
  
  54KB
- MD5
  
  698c8d7a0c9f41159a25effc3fee4988
- SHA1
  
  8122e951b3a1fc3939084edb28f7d81e1a263408
- SHA256
  
  8f5b4c45d0fb3ee449367af68af5164784a7076c0b57b0c4bdba4cab7fb16d3b
- SHA512
  
  650bf7ada9f471820f1995b64b0b890c5e21abf1b253307f4571c5d569c9532bf10409c031e340305daa9c17e8845b6df3c13c03eb6c566d11900e0dc533625c
- SSDEEP
  
  1536:7QW2qnZCKsRRdNtNXKMQIiKEex25upzdh4wYqnH3DhEy6RoVlPbQhxSlWlNTXOT:eqZCNRRdNtNXKMQhKEex25upzdh4wYqr
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  resource/scripts/vscripts/ui/menu_advanced_hud.nut
- Size
  
  7KB
- MD5
  
  0ea22fb3e339c47074e9f1b57264eb98
- SHA1
  
  d695d1d55214b2a041b953b85aa14b88c8910a33
- SHA256
  
  0da23cde01334c76228710b540307c7a7a81cd72cd7483d04281eba790b20b83
- SHA512
  
  5e33ae72cfb6bece52fc2fa40259c119986f5a65ddc048227ba8e97ad3996e5c1aa060c4e9c07c67633b73b328f7b9b96acf8f9c993c3b6dc9332926ccdf0899
- SSDEEP
  
  192:Mx3AFVAFBkxoepbw8nQ+z2Q+Kf8pcs2HbL9IN:Mx3MVMBkxoexwqPjv7L9IN
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  resource/scripts/vscripts/ui/menu_audio_settings.nut
- Size
  
  3KB
- MD5
  
  0445bd8b245934c11d368c7a8438e6a0
- SHA1
  
  e70383d812e043b94046d4612997b84a49af0b8f
- SHA256
  
  8a0f8d0e2f7613f56d61cd2514005bc72c0d64af7ea72f51f4492a290d45016e
- SHA512
  
  1f4eb9e58d5f6f02bda0b0abc3fe089252a1cd49a7ac6c17bcb24ea2181fe2ab6e99691bd772323d33fa226c9dba7ff22c72587840fb154d69119b6781c841e0
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  resource/scripts/vscripts/ui/menu_controls.nut
- Size
  
  9KB
- MD5
  
  0b642bfef275045db16f345e2754f3c6
- SHA1
  
  dec735293fed2586e1300899f70836dfa71df228
- SHA256
  
  7d36ce5dce5076db341dccd9d6d64f43bb733756609939020e94d17a3e4605fa
- SHA512
  
  da32100fa5c15d03c06b4fc2d9b50c95768b33281d9b808a73155e26f34cdce1a79067d65dcb5361326388e94635b67c6b4664dda045d057b7c1321987688477
- SSDEEP
  
  192:M2nAFqAF2JHf6WmthaGAThKdqhXpVd1DUlgUq9ZfTzw18H:M2nMqM2J/6WmtyToohXV1kC9Z7ziS
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  resource/scripts/vscripts/ui/menu_extra_settings.nut
- Size
  
  3KB
- MD5
  
  a6f45c20bd144e60bdcc41d8121bba12
- SHA1
  
  934375272728a5f75c4df7de2c68a041a657e46c
- SHA256
  
  f38c15e3802e452b4c8a04f10a75a9aa2f5fab35bacabc88626bcd190a526091
- SHA512
  
  db3b020ecc2e3bc887ead26df2d81f11035af5ba108dbe0b74e4c620502a4cc1bcc7519aab7c0155a2c01165795d26e0c3120ef92e088c1c2e84722d19e14f52
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  scripts/vscripts/ui/menu_controls.nut
- Size
  
  9KB
- MD5
  
  0b642bfef275045db16f345e2754f3c6
- SHA1
  
  dec735293fed2586e1300899f70836dfa71df228
- SHA256
  
  7d36ce5dce5076db341dccd9d6d64f43bb733756609939020e94d17a3e4605fa
- SHA512
  
  da32100fa5c15d03c06b4fc2d9b50c95768b33281d9b808a73155e26f34cdce1a79067d65dcb5361326388e94635b67c6b4664dda045d057b7c1321987688477
- SSDEEP
  
  192:M2nAFqAF2JHf6WmthaGAThKdqhXpVd1DUlgUq9ZfTzw18H:M2nMqM2J/6WmtyToohXV1kC9Z7ziS
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  tk86t.dll
- Size
  
  1.5MB
- MD5
  
  ef0d7469a88afb64944e2b2d91eb3e7f
- SHA1
  
  a26fd3de8da3e4aec417cebfa2de78f9ba7cf05b
- SHA256
  
  23a195e1e3922215148e1e09a249b4fe017a73b3564af90b0f6fd4d9e5dda4da
- SHA512
  
  909f0b73b64bad84b896a973b58735747d87b5133207cb3d9fa9ce0c026ee59255b7660c43bb86b1ddeef9fbb80b2250719fd379cff7afd9dbec6f6a007ed093
- SSDEEP
  
  24576:gR3uXVFKflt2zwvzPYHURwgVdF9EWyCzfdmHQnveD4CGan9nViFoHb15K3cmwdbi:SeFSpvzg0RwgVdF9EWyCzfdmHQnveD4r
Score

1^/10
behavioral27 behavioral28
- Target
  
  vcruntime140.dll
- Size
  
  116KB
- MD5
  
  be8dbe2dc77ebe7f88f910c61aec691a
- SHA1
  
  a19f08bb2b1c1de5bb61daf9f2304531321e0e40
- SHA256
  
  4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83
- SHA512
  
  0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655
- SSDEEP
  
  1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
Score

1^/10
behavioral29 behavioral30
- Target
  
  zlib1.dll
- Size
  
  141KB
- MD5
  
  b4a0b3d5abc631e95c074eee44e73f96
- SHA1
  
  c22c8baa23d731a0e08757d0449ca3dd662fd9e6
- SHA256
  
  c89c8a2fcf11d8191c7690027055431906aae827fc7f443f0908ad062e7e653e
- SHA512
  
  56bafd1c6c77343f724a8430a1f496b4a3160faa9a19ea40796438ae67d6c45f8a13224dcf3d1defb97140a2e47a248dd837801a8cb4674e7890b495aeec538e
- SSDEEP
  
  3072:jqLKjJj3yg1shVjm4OvfqnKAh2mrohmR5JHDbu4cCxp/:jqGEgSefI3roCDbH/
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32