lumma | 5dccb71a2904aac46581cc3069a702613cfb0047633b8e584d62de62dc379575 | Triage

Sharing

General

Target

34598938459-19-1-25_3.zip
Size

2.9MB
Sample

250119-v3fb8aymbr
MD5

2bb8e39742e82962536c37749e819fd3
SHA1

4e13fce9dec21c401292f09e9becb144c0a0ef8a
SHA256

5dccb71a2904aac46581cc3069a702613cfb0047633b8e584d62de62dc379575
SHA512

bb5dfe23abacc4cc64625fae0af444112ee839a10382ab9f42b211fde4a1113e08ed1ce1f690497af858692c243f48838a09169d0e182cb746465095c27c02dc
SSDEEP

49152:Cue0LAt3+KcHPaQ2mH3xjKWK0hijDi4UzwYzb3UQd7M3RYbMHULy+EDe+KH3hB5R:CbwAZvyiMFVK0hijDitLzbEQd7rbM0u2

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://joyoushammen.cyou/api

Targets

- Target
  
  DBDownloader.exe
- Size
  
  823KB
- MD5
  
  a3ccc65ae7d39d213250443588731af9
- SHA1
  
  489b07237cf951faca46c6f525d9c436957347f2
- SHA256
  
  75542249fc08f4392189a0807595f18580aa17487530bc5527bf928a0b78146c
- SHA512
  
  c286e9aef914f008f31de8ce39c7861b8d26459a675d9a17dac80ab3db82e5d3edb04c4382c0c3ef2669a42a0c7867c7399d399d18d9cb154fa7f01111ef702f
- SSDEEP
  
  24576:zJDclNQn4W0luDOmFwhdDh2TK+uLfplhyEXwC:tDvTVT94Rrx
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Zip.dll
- Size
  
  564KB
- MD5
  
  f933a5dbb88488307bf51584c9944c90
- SHA1
  
  50dc230cf29248f143dc576895bb26c7f3cd421e
- SHA256
  
  9bb311b6643500285049addb82fe2286dea34856a0b443af708335e286a44494
- SHA512
  
  85f75c6ae4fe350854f8f1ebf70d6bcf277d9a62dbc9da8b618725a62d2c00256b4f067bd54b0269c5995f63c5212df99893731a0fb749ecc25852119bba2f7b
- SSDEEP
  
  12288:BXVvnQ5S4iujAs1+7lwEFbxGJKkUGBbl2+ZjuNPuiCjUTKbJF5:FVvncZiu0s2lwEFbxGJKkUGBbl2+Zjuk
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  madBasic_.bpl
- Size
  
  211KB
- MD5
  
  641c567225e18195bc3d2d04bde7440b
- SHA1
  
  20395a482d9726ad80820c08f3a698cf227afd10
- SHA256
  
  c2df993943c87b1e0f07ddd7a807bb66c2ef518c7cf427f6aa4ba0f2543f1ea0
- SHA512
  
  1e6023d221ba16a6374cfeb939f795133130b9a71f6f57b1bc6e13e3641f879d409783cf9b1ef4b8fd79b272793ba612d679a213ff97656b3a728567588ecfb9
- SSDEEP
  
  6144:XN/kSQxE6qeM/k4qTl5L5e5+53WCG1CbF/FrfPf:AqeM/k4qR5L5e5+53WulZn
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  madDisAsm_.bpl
- Size
  
  64KB
- MD5
  
  3936a92320f7d4cec5fa903c200911c7
- SHA1
  
  a61602501ffebf8381e39015d1725f58938154ca
- SHA256
  
  2aec41414aca38de5aba1cab7bda2030e1e2b347e0ae77079533722c85fe4566
- SHA512
  
  747ea892f6e5e3b7500c363d40c5c2a62e9fcf898ade2648262a4277ad3b31e0bcd5f8672d79d176b4759790db688bf1a748b09cbcb1816288a44554016e46d3
- SSDEEP
  
  1536:LNy3eqMne0sXB0IWtCLwEJhY0w1VmLPx5wdB3htW:LqMnfIB04LwEJhY0w16xAFW
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  madExcept_.bpl
- Size
  
  437KB
- MD5
  
  e8818a6b32f06089d5b6187e658684ba
- SHA1
  
  7d4f34e3a309c04df8f60e667c058e84f92db27a
- SHA256
  
  91ee84d5ab6d3b3de72a5cd74217700eb1309959095214bd2c77d12e6af81c8e
- SHA512
  
  d00ecf234cb642c4d060d15f74e4780fc3834b489516f7925249df72747e1e668c4ac66c6cc2887efde5a9c6604b91a688ba37c2a3b13ee7cf29ed7adcfa666d
- SSDEEP
  
  6144:hlAz49EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNMa4Yn2Bq:hlG4ut30F8slzYlQcW/jd++2nJ6u2Y
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  rtl120.bpl
- Size
  
  1.1MB
- MD5
  
  adf82ed333fb5567f8097c7235b0e17f
- SHA1
  
  e6ccaf016fc45edcdadeb40da64c207ddb33859f
- SHA256
  
  d6dd7a4f46f2cfde9c4eb9463b79d5ff90fc690da14672ba1da39708ee1b9b50
- SHA512
  
  2253c7b51317a3b5734025b6c7639105dbc81c340703718d679a00c13d40dd74ccaba1f6d04b21ee440f19e82ba680aa4b2a6a75c618aed91bd85a132be9fc92
- SSDEEP
  
  24576:GbhVoNWbA1m6z1hGaMopv3RdaK6IPFf0DtDN9Tox0gc:vtQZPTtgc
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  vcl120.bpl
- Size
  
  1.9MB
- MD5
  
  c594d746ff6c99d140b5e8da97f12fd4
- SHA1
  
  f21742707c5f3fee776f98641f36bd755e24a7b0
- SHA256
  
  572edb7d630e9b03f93bd15135d2ca360176c1232051293663ec5b75c2428aec
- SHA512
  
  33b9902b2cf1154d850779cd012c0285882e158b9d1422c54ea9400ca348686773b6bacb760171060d1a0e620f8ff4a26ecd889dea3c454e8fc5fa59b173832b
- SSDEEP
  
  24576:j2gekcIlYas4GaAKBTZTkZbJ7YBRSjr2WLPcgjzTGlyz6F:jRvzfZT3XSmqcOTGc+F
Score

3^/10

discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14