lumma | f8c48647a38e2cd5394b9ca06207f2b0074a2cf81c77ac57fe0976144235274f | Triage

Sharing

General

Target

Setup.exe
Size

607.2MB
Sample

250117-bstx3sykek
MD5

a17140cec06d20895ddf273d48713054
SHA1

3b29e5bb70aed1fced45abde0226790879a5c37c
SHA256

f8c48647a38e2cd5394b9ca06207f2b0074a2cf81c77ac57fe0976144235274f
SHA512

222b14492bd7bb880b0c901ad29d44b97be94134d773c44c1568cb4528dcfcec206fa9cbdc5e64bcccf236cd36e0ef19aad13aa17abc483e8f5bf938bfcddb18
SSDEEP

49152:RTEYaqEETVSEoz0Y1ooTc8VSEoz0Y1ooTT:BHE6VSJ0p8VSJ0m

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://crookemakesif.cyou/api

Targets

- Target
  
  Setup.exe
- Size
  
  607.2MB
- MD5
  
  a17140cec06d20895ddf273d48713054
- SHA1
  
  3b29e5bb70aed1fced45abde0226790879a5c37c
- SHA256
  
  f8c48647a38e2cd5394b9ca06207f2b0074a2cf81c77ac57fe0976144235274f
- SHA512
  
  222b14492bd7bb880b0c901ad29d44b97be94134d773c44c1568cb4528dcfcec206fa9cbdc5e64bcccf236cd36e0ef19aad13aa17abc483e8f5bf938bfcddb18
- SSDEEP
  
  49152:RTEYaqEETVSEoz0Y1ooTc8VSEoz0Y1ooTT:BHE6VSJ0p8VSJ0m
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ApplicationID.dll
- Size
  
  55KB
- MD5
  
  fdc0338e6faeaf6f7c271982e103473b
- SHA1
  
  9a41f7932abe8be7e32c6371f085cf14de355d00
- SHA256
  
  a9dad9fdaae93d10dc2ee346b231913445e731049554b8bb1506827e46f8a44e
- SHA512
  
  a766eef11db4c94b1445d1cd70cf1d3b6141d6b3973562e9fa8d81c79195886b884dbc9b9f6952f8a6e8619534a6bf2d615d539d2cace9c8843dc19415051cc0
- SSDEEP
  
  768:oY+N1V9Ek9B/3I2IIk85ZLa342QpIK0+KE1zRBoSLDGFo+EAM:oY+LpI2IIk85Fs+LNRBo1oyM
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  14KB
- MD5
  
  2b3f617f22f70710aaf7f27efab15c40
- SHA1
  
  66c2397748b46c0aa03f0de1d3b1ef0598512f7c
- SHA256
  
  2393ee61dff10c520fea62b5d6dc1c3a559fcad55f5cf15b22e1f408692a35f8
- SHA512
  
  69295601e8c20a97b512a99afec2609997b589d46a507b2738a6c974ee5b68bde0e56fce150ab1fc4355aa561e8125335378a9c648bbc533bc5b44de1b85b3e5
- SSDEEP
  
  192:bAfhCpBEyMW7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRnSMR+4pCC:YCJMUvDGFtart8E9VFK4iZSr4cC
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/BitsUtils.dll
- Size
  
  15KB
- MD5
  
  8dd17c172a24ebf9601308b949a9ea22
- SHA1
  
  507e586c9f69ddc7e58442631efc44f3fe58089c
- SHA256
  
  ab77c0a6c79e76ab0f509d655273b2ee5c682c702217f4f884bbab3d2fdfc4c0
- SHA512
  
  7de5a35771ac8ead2e3096de29bdedd8e94696d35dc304388c1cff2a14bb264e389a576dae21aaf9cbac79de6c99606b61f1dc5f0ba35fd261b2f5553d389e59
- SSDEEP
  
  192:3VaJs7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRPmq514Lvsoj:3VaJWvDGFtart8E9VFK4iFm810Hj
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/CityHash.dll
- Size
  
  53KB
- MD5
  
  2021acc65fa998daa98131e20c4605be
- SHA1
  
  2e8407cfe3b1a9d839ea391cfc423e8df8d8a390
- SHA256
  
  c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14
- SHA512
  
  cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948
- SSDEEP
  
  768:jfXngOuwVTROMOZbPg9ao/wxsfJM3JuNUgo3BDGFo+EA3:j/hPVTRBO9NJYMMnomoy3
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/ExecInExplorer.dll
- Size
  
  14KB
- MD5
  
  f165b8df6ba6cf4e929ba3a6818d1161
- SHA1
  
  90973888586d1f466a09fc813a3483b39357e471
- SHA256
  
  0d65131958d7ef898982f5772edef1b1491ed24fcc5c454712775b7bbb8edebc
- SHA512
  
  8b01857dfe8408af5a33ec8ec82507af35fe02bab534560f9b883bc3233ef250b44a8c07fe9cfb2e393b6f4763291a91ac015fcfa4e12306e4847e7cc204021c
- SSDEEP
  
  192:gXpVutvFD2jndC7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHReNOJVv3B7mu:3Jh2BIvDGFtart8E9VFK4iIUtlt
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/HttpPostFile.dll
- Size
  
  14KB
- MD5
  
  b97c09fdb76e1f5f5b964c229f0e9cc0
- SHA1
  
  808e64bea4fde6d4944b6ffe5a3acbc6f45f9be7
- SHA256
  
  55e714d2e298c42f73c5872ca50275d2d6b4b161c76cb87a8ebca8c1f99858db
- SHA512
  
  1e930930bceb5895c599bdc5a886012ebaa3e08da03dcbf0579acf6d22bd061d36202c8f05d3d49c3b823543162f9ece74f9beefc9cc4085a67415e46bd84727
- SSDEEP
  
  192:deoj8f2F7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRIb3i7Q:dU2nvDGFtart8E9VFK4iGbik
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  25KB
- MD5
  
  fd249bc508706f04a18e0bc0afddec82
- SHA1
  
  b94efda9f41c89fc6120ed385867125d03f28bea
- SHA256
  
  c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad
- SHA512
  
  c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba
- SSDEEP
  
  384:EAC43tPegZ3eBaRwCPOYY7nNYXCA/YosaNvDGFtart8E9VFK4ivDGb:EdTgZ3eBTCmrnNAEYDGFo+EAy
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/ServicesHelper.dll
- Size
  
  14KB
- MD5
  
  b9e8c2212ac8dae4b0eaf97c048529fa
- SHA1
  
  331d172323480b0518abdb0cc9e256dc7f46c357
- SHA256
  
  d6f6758adac2c073bec481e8de762af3a5574789bce3f43de02356afc9911e0f
- SHA512
  
  d93aa032e27c8268a4f6883711cf41f7ee2b5d33673a26d78db24456f2c548af39b7b98ed4b4737245c278d524fffb3e4bf708b6815dc866acd371427ff6be96
- SSDEEP
  
  192:UIHxGS7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHR5tHPk6NM:UR4vDGFtart8E9VFK4i/9kSM
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  14KB
- MD5
  
  fa94d120efb029b43217c66bbc8c650c
- SHA1
  
  1fcf2d76adf69b403b7400681ac91d50ed20385f
- SHA256
  
  5f6f414b412c72b10f49eb92af1d368ede531b58fb200d539fd2b45e371612db
- SHA512
  
  07ed0771d5bbb651ea7421a5f6b08fa234f9cc041315d9360a7135ba12180064fc99a27725385a8ecd3ceb25bed5c00de169f7dabb3ccf6e987f45254dff8158
- SSDEEP
  
  192:46J7JQCdiaR+7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRqt8kzN0eM2s:LJ7JQG2vDGFtart8E9VFK4ictvU2s
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  22KB
- MD5
  
  b361682fa5e6a1906e754cfa08aa8d90
- SHA1
  
  c6701aee0c866565de1b7c1f81fd88da56b395d3
- SHA256
  
  b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04
- SHA512
  
  2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9
- SSDEEP
  
  384:78+Qlt70Fj/lQRY/9VjjgLZvDGFtart8E9VFK4ietffvtlh:7SqFjm6YL1DGFo+EA6tlh
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  28KB
- MD5
  
  d23b256e9c12fe37d984bae5017c5f8c
- SHA1
  
  fd698b58a563816b2260bbc50d7f864b33523121
- SHA256
  
  ec6a56d981892bf251df1439bea425a5f6c7e1c7312d44bedd5e2957f270338c
- SHA512
  
  13f284821324ffaeadafd3651f64d896186f47cf9a68735642cf37b37de777dba197067fbccd3a7411b5dc7976e510439253bd24c9be1d36c0a59d924c17ae8e
- SSDEEP
  
  384:2lqVibvTh4qnFP+OPEzinclP++vDGFtart8E9VFK4iBSaXrwz1k:EqVavVfPkzhlmIDGFo+EAzrn
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/liteFirewallW.dll
- Size
  
  92KB
- MD5
  
  f5a3005a46e051b8d9eb5e2be7802f7e
- SHA1
  
  4fae43843bf6210d5d98683b50705824877a7d9a
- SHA256
  
  c0a12e651085aa2488796b474a5ca3bc70c22f1fd98ef854049b8d72987e478d
- SHA512
  
  4993fcfe6669dd1e3621ca50e35aad750bc6c89838abf94da4303c5a31e958b3d3bc2cf70c268590c8cd5cdbc90f015ffa37cf98548c2b54ea8171b63a3bfa0c
- SSDEEP
  
  1536:tNiXc1jND/x0LI7W2kG3Crh520Hsy7xxz4J:79N7iPrh52ssyXe
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  17KB
- MD5
  
  0e584c7120bd474c616013c58d51dc6b
- SHA1
  
  0bc980892341b52985d92fb3d8fbb6be77951935
- SHA256
  
  7fb626aa05bee1095633a75aeb7895ebd816a98e0aa1581a0154e4c196de5391
- SHA512
  
  aa3a471b3f33c3ffdbe1b1e3c1e5d04367bcab3c16049396a8dd12c5a8317e4b153761f74f39b756dd4fb1806aedc4f1bb38bfbc12f16480eed3fd3087a0d157
- SSDEEP
  
  384:qDrvAxnJGernNQZGdH7vDGFtart8E9VFK4ibEge:qDrkoernAGRLDGFo+EAxe
Score

3^/10

discovery
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28