lumma | 25cb832f9eb2346c8a4ec411b6ecc3eb9e9142ef46fbaccf8acb3a9067993637

Sharing

Copy URL

Twitter E-mail

General

Target

ValorantExternalCheat-main.zip
Size

276KB
Sample

250121-x25a3ayjdp
MD5

e19418334073fe555b50081d008b6456
SHA1

01c7b1f7c567dbf1f568084e67a0f45deb23458b
SHA256

25cb832f9eb2346c8a4ec411b6ecc3eb9e9142ef46fbaccf8acb3a9067993637
SHA512

38cd4ecaa43fce9122d8bca2dd8e52ced4504a76616b775af174a58695deb115faae01c8e445f9705ed055e64d668174bbc46bb5547ef557134c3419920b9b7f
SSDEEP

6144:VfBvW03SUNn/H1VEmtpjDqErPdAaihE2/pI8qj7ZaLP5TkPiH:Vpp3J1OODqIPdAdq2/q97ALRTBH

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://undesirabkel.click/api

Extracted

Family

lumma

https://undesirabkel.click/api

Targets

- Target
  
  ValorantExternalCheat-main.zip
- Size
  
  276KB
- MD5
  
  e19418334073fe555b50081d008b6456
- SHA1
  
  01c7b1f7c567dbf1f568084e67a0f45deb23458b
- SHA256
  
  25cb832f9eb2346c8a4ec411b6ecc3eb9e9142ef46fbaccf8acb3a9067993637
- SHA512
  
  38cd4ecaa43fce9122d8bca2dd8e52ced4504a76616b775af174a58695deb115faae01c8e445f9705ed055e64d668174bbc46bb5547ef557134c3419920b9b7f
- SSDEEP
  
  6144:VfBvW03SUNn/H1VEmtpjDqErPdAaihE2/pI8qj7ZaLP5TkPiH:Vpp3J1OODqIPdAdq2/q97ALRTBH
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  ValorantExternalCheat-main/Aimbot.hpp
- Size
  
  11KB
- MD5
  
  c03b9c70434216e9114ab5f899131e92
- SHA1
  
  58cbb7141ae22ca387d5b24a6add55cd6ec40891
- SHA256
  
  ed54909602142b450bb79ee3a03efd4cee0ed4249cd01b3043ae818e14919195
- SHA512
  
  65cdcd559ce0b31a0a00878b9c3616423308ed7c807bdb1bba51ba80a0ed434e276a943f870156d0b1653d3271b6a92f38dbb884621aa4e9350cd72eee21e80d
- SSDEEP
  
  192:o/lRm8FKCZLGV+8+kh1yKehcPQtcGy7MIq:s8CBB8+K1yKEcPQSGy7K
Score

3^/10
behavioral2
- Target
  
  ValorantExternalCheat-main/Classes.hpp
- Size
  
  19KB
- MD5
  
  87de1d8f769cee2827fc45c3e3dab467
- SHA1
  
  76f17f6b9084f2050caf21aff55d7ff867cbecc8
- SHA256
  
  dc6b29ef192424ae26421200d3f7e270af2c6065358e14e88a7b7d3da0ba26e4
- SHA512
  
  c273f9ebd4a594922a3387c5803085d9c12a05c8e65131e589713fc102df891e4cd30b50b3be48f88b13910f56008d71cea45f7b560a023d1cb11c3f67a96a5b
- SSDEEP
  
  192:JAaYtTbhCVYzr9lDP6xZl5p9IzG2Yy5PRYobgDSWdsfvUJlygB8+PlykhBJe:+aYtkYzrfDPOZLEq2Yy/YobgabgVPAwy
Score

3^/10
behavioral3
- Target
  
  ValorantExternalCheat-main/Core.cpp
- Size
  
  8KB
- MD5
  
  290fa5f6a5b71fa1318bdb51ffee8d26
- SHA1
  
  020c958f3ea286d7e41de39e6ef5fbfaa0f50c79
- SHA256
  
  6ba824ad991fee0e7337d88b3dca5f1f71c10dba4023b65ce37da58bc4dcc8f2
- SHA512
  
  692785c68998b67c910724d407e73cb58373f05c8aec34bb98ecad5e47562d51ca050c2a477241a7345f678eb09e74f9e8bb2a24d9c3c280c6edd272acee0e44
- SSDEEP
  
  192:Z/OKDdAQNFPXpuSNa80cvJNpP5GRoFQ4nUD6yJ:mQp/NfNpO42
Score

3^/10
behavioral4
- Target
  
  ValorantExternalCheat-main/Core.hpp
- Size
  
  78B
- MD5
  
  585d19f617e00a77e66d75d0bb4cdc69
- SHA1
  
  b96ce86722c3ec4834df2f2855714114102565c0
- SHA256
  
  828f867c968fe7daf1163d1f607bed3d6095b183888b5d41f2d1213c71c3eb89
- SHA512
  
  2e7138507ed345f553f8d8f2cffab8e29d4a57f716d969f5b9672e06ba7f8d01971041e70bd395a8a9fd88c7e2ebc7706a41c3c1e6a41d534dac2420d4e78761
Score

3^/10
behavioral5
- Target
  
  ValorantExternalCheat-main/CustomWinApi.hpp
- Size
  
  2KB
- MD5
  
  cbecd4f646bdc33fdd5a51c6129e0d66
- SHA1
  
  3b30641b373f04d123a037246c0c28d50722045a
- SHA256
  
  3345ba28cdb24ca73b3e3d3b4aa72ad623cdd478b7bff31e0faccf57f362ec7b
- SHA512
  
  b68b39f99886b05d14d7888f1b8d0a56b941a3032462ef7cdc1b57aee73b521783eb3954cf6fd579a43158a3674ce4ff1e9c712d7a0ee85c8a05e24347614602
Score

3^/10
behavioral6
- Target
  
  ValorantExternalCheat-main/LICENSE
- Size
  
  11KB
- MD5
  
  86d3f3a95c324c9479bd8986968f4327
- SHA1
  
  7df059597099bb7dcf25d2a9aedfaf4465f72d8d
- SHA256
  
  c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4
- SHA512
  
  dc6b68d13b8cf959644b935f1192b02c71aa7a5cf653bd43b4480fa89eec8d4d3f16a2278ec8c3b40ab1fdb233b3173a78fd83590d6f739e0c9e8ff56c282557
- SSDEEP
  
  192:fU6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:M9vlKM1zJlFvmNz5VrlkTS07Ht
Score

1^/10
behavioral7
- Target
  
  ValorantExternalCheat-main/Loader.exe
- Size
  
  489KB
- MD5
  
  d685ae29670dbc00b6665b5511bda6cb
- SHA1
  
  2f49b83a6d7a5f9e5151c6f7f1b3fa9e6f4b25a9
- SHA256
  
  0518c095cc948ab003cd4d12a1f95f0579c52c17f9102976b5799cd0bd85e6a2
- SHA512
  
  d7705fcd8751a49cc17962ac9b6e228f55ef74aab066cabdd5de74518686feaea951487a042683ea3e055ce04e0b971b528572aac920f325fcf64d34167450de
- SSDEEP
  
  12288:uiNSSLq47oIkbTUINbTDw7j/puQ/FU5A8e2CI582g/c10/nGZj:uicGq47oDwgbTDGjxJ/2i8MI
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral8
- Target
  
  ValorantExternalCheat-main/README.md
- Size
  
  993B
- MD5
  
  fc31c06a63dbc35bfabafbd7555bd919
- SHA1
  
  98b35014963571d5b662d0a6e31183fbee64e81d
- SHA256
  
  41fac9e19c1142f3da2ed95f8bb73f0918b153315ccbe70a0a26393bf0876eb6
- SHA512
  
  86147e2f1fad4bc87512509a8ea468053d04eaeb66c8827ee94a4b8e16d3504fbe485d4ba4a2081651cc4f71b14a6dd0e3748b34aef2b57fe6ede2d6e29cd126
Score

3^/10
behavioral9
- Target
  
  ValorantExternalCheat-main/auth.hpp
- Size
  
  1KB
- MD5
  
  68ca7e05166eb5e3d6de4fc6e52749ba
- SHA1
  
  343e9a636141ee4cf970765bd707fd56a7f2bd02
- SHA256
  
  3414a4cb52b4efadfb3c86d451542adbfddd02f6b988c0855052ec287b308222
- SHA512
  
  1608ea43f38ec60d3a059279994c3db91be1e3de183bd5aa0464fb22f2f231a604b905e419ac730553f8f20b9206e7e096b12dda7794f7cd2fedb6b20a112bb1
Score

3^/10
behavioral10
- Target
  
  ValorantExternalCheat-main/d3d_Hook.cpp
- Size
  
  3KB
- MD5
  
  ff05bbbd7f112d14088a76ba93aecdc2
- SHA1
  
  9c132125a266ab8419b03d0c95d236b133d737ba
- SHA256
  
  c82208bff966293bf18ada811fa147d174972cc61f5d6bf7cfb24ff6633a5236
- SHA512
  
  ebb88e965addb7e769e036b274c5503124016c4ce8465fc3b2a6ee491aef182b7b05b47e74adc2a567f5f41851e8b2ceb1f8270760ebf97f831aa319331aa21a
Score

3^/10
behavioral11
- Target
  
  ValorantExternalCheat-main/d3d_Hook.hpp
- Size
  
  480B
- MD5
  
  dc9c03ce97ed34f5df7ed6a12b9bdf20
- SHA1
  
  445b14f7bd53c638f85981e1c9864291def57f4a
- SHA256
  
  33c8b94e133540c737622cc6ad29065a0f2e7f76ac505374b753e201391671b0
- SHA512
  
  9e18c3e2204442375efa1f12893d0df321fa01c1a3dfbde5bfdefbf5034c00aebdbc962c96d061093b78eec028ae9d75c707f995f07d4f3567a84c07ea0fda9b
Score

3^/10
behavioral12
- Target
  
  ValorantExternalCheat-main/dllmain.cpp
- Size
  
  5KB
- MD5
  
  59eb0a57e183701dbb510e4dec7cd51c
- SHA1
  
  7cf0453bedb1458188c0593fe7cf0dc7aa5a2790
- SHA256
  
  0cf70b9bda1c28740f76ca9f46dd81064e5da84410f9b80e34a6b576fba41a2e
- SHA512
  
  af3ad24da22324bd004797de3200bc83f60c28f870e53dddf071b5d8600a53b1df928f14bbc5ddc65247b8f3e668ca1270c5aa24e111275405c5a426b4d5f2df
- SSDEEP
  
  96:ybYRJtgYfFW5lUbN2hECNzXHmE7jMKyJ0NS4qU2eS4uRbISDS4uQKQS4u0WQS4q:n2YdpZqzXHhjRyJ0NSpU2eSlRbISDSl1
Score

3^/10
behavioral13

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13