Overview

overview

10

Static

static

1

New [v2.5.0].exe

windows7-x64

10

New [v2.5.0].exe

windows10-2004-x64

10

$TEMP/Consumption

windows7-x64

1

$TEMP/Consumption

windows10-2004-x64

1

$TEMP/Lounge

windows7-x64

1

$TEMP/Lounge

windows10-2004-x64

1

$TEMP/Mozilla

windows7-x64

1

$TEMP/Mozilla

windows10-2004-x64

1

Commitment...hester

windows7-x64

1

Commitment...hester

windows10-2004-x64

1

SharewareRemain/Pty

windows7-x64

1

SharewareRemain/Pty

windows10-2004-x64

1

WonderfulM...raphic

windows7-x64

1

WonderfulM...raphic

windows10-2004-x64

1

WonderfulM...bs.cab

windows7-x64

1

WonderfulM...bs.cab

windows10-2004-x64

1

Absorption

windows7-x64

1

Absorption

windows10-2004-x64

1

Bonus

windows7-x64

1

Bonus

windows10-2004-x64

1

Carefully

windows7-x64

1

Carefully

windows10-2004-x64

1

Degrees

windows7-x64

1

Degrees

windows10-2004-x64

1

Minnesota

windows7-x64

1

Minnesota

windows10-2004-x64

1

Physician

windows7-x64

1

Physician

windows10-2004-x64

1

Postcard

windows7-x64

1

Postcard

windows10-2004-x64

1

Printed

windows7-x64

1

Printed

windows10-2004-x64

1

Resubmissions

23-01-2025 18:16

250123-wwjxhazmfj 10

23-01-2025 18:14

250123-wvp25aykbv 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New [v2.5.0].exe

  • Size

    120.0MB

  • Sample

    250123-wwjxhazmfj

  • MD5

    570ccc2907d0679ad492ad3a07839a53

  • SHA1

    5ac162c24707be0b0ed77504e01440ab3cc3b8bc

  • SHA256

    d7de09b2efaa64ac6f2ee08a518179d13de107e46ab17392849fb7ef088ff357

  • SHA512

    5311d9ece98a4b461b3677b6790345b2c5134291575a73265a1c454e682cc5d770be1ed535a7f7c5fbe9525b72828f74f43461cd4e509576b94484c078159055

  • SSDEEP

    24576:0lNRzJv8ylX2/5VBCPdFFXru+5t4qpM/vc3b7Tb7j:mHJv8ylOC3Y+z4qSc/

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

https://suggestyuoz.biz/api

Targets

    • Target

      New [v2.5.0].exe

    • Size

      120.0MB

    • MD5

      570ccc2907d0679ad492ad3a07839a53

    • SHA1

      5ac162c24707be0b0ed77504e01440ab3cc3b8bc

    • SHA256

      d7de09b2efaa64ac6f2ee08a518179d13de107e46ab17392849fb7ef088ff357

    • SHA512

      5311d9ece98a4b461b3677b6790345b2c5134291575a73265a1c454e682cc5d770be1ed535a7f7c5fbe9525b72828f74f43461cd4e509576b94484c078159055

    • SSDEEP

      24576:0lNRzJv8ylX2/5VBCPdFFXru+5t4qpM/vc3b7Tb7j:mHJv8ylOC3Y+z4qSc/

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

      discovery
    behavioral1behavioral2

    • Target

      $TEMP/Consumption

    • Size

      29KB

    • MD5

      1552834983944f62a4093e29efff780e

    • SHA1

      66f57f48d033b9882ccf9cb9d3f27259f679df50

    • SHA256

      fda6bf070a97ace4804364f687dd5b7ab956d7224cefa15ac4d0bff322cac8c1

    • SHA512

      e44c7e9f7a074638d86e1776554ac674ee56276f21216332edfa10c759d83ab1d5ed7c3a8f64a1f8c436df5bee4f05a700bb8c8af17684263391448f87df4cbc

    • SSDEEP

      384:oRU6SkIeXlhBJ6Wnp0oav1hlnA+FL1Mdr3swyjewCkBu+haAuIpycr2KbWat//x2:O8kIYbFnpradhlnLxhwtxYXE+/ZR0Jbv

    Score
    1/10
    behavioral3behavioral4

    • Target

      $TEMP/Lounge

    • Size

      20KB

    • MD5

      a1fb8fa6d04e195c4ea27bf10438ed12

    • SHA1

      319ab320811479cd466bd9396a0ec66c3ec29024

    • SHA256

      1985c2710bd03de194ec61946407309fb6bc30e3f5b96b2af2f6887318508eb9

    • SHA512

      aa69921acb0626427b6bf1889ecbd0fd5c3acdfc4def50b4cd39c3e994f7d3c2dff73fc2c3282967ecd0c92c6589da9a2c0e33f33ba8fdfa42cdaac066eedc23

    • SSDEEP

      384:AxroCtNHjNXQwWmnnRbwiIQpYZBviRulolMd6lv/1MMd6KZNt56ijFIRF9:kocjtQMnRbwpQYZBvi0ol7lv/+96vTZ8

    Score
    1/10
    behavioral5behavioral6

    • Target

      $TEMP/Mozilla

    • Size

      86KB

    • MD5

      a9ab6e9df2586c721e64b9c991718d4d

    • SHA1

      2d4908bcbb2109ef3da56a038bd0e92785363287

    • SHA256

      9c5ca9aab888e8507dac381b7243b8f970e5654e844c3f50012ed4bc4ce5cba8

    • SHA512

      dfd807f68c96a486741afea740cd87920bd53c5308e0fc88fb08ccec9fc84dad4bc87c2d3a998de87eaa4a7cd7dc4831f0eaa3decbd2ed32f16335a1e801ff47

    • SSDEEP

      1536:L4KhaaiRIbc3p2j9gNzgoWMoUoHeBP8k/cySOSXWIcogDraQsE36eM4QnacDBsP:LzbS2jm2VUoHGEyAcog1sEIRtDu

    Score
    1/10
    behavioral7behavioral8

    • Target

      CommitmentCollectible/Chester

    • Size

      79KB

    • MD5

      904b699f5ca62fdacf3846c6b284f72f

    • SHA1

      c0feaa1fc7d25719d1fb0c90c54e342ab2e89630

    • SHA256

      b72d39f30afd14049bd6e24f9aa9dad1853cfa8b33cf6f45aad8a1572a7e13d7

    • SHA512

      fd064cf924ba69d86f2f5b6471115f6d4621fc5ea8db710848fb419c1ef9caf6c259643ed9e098a3fbf548d280758be3a538fe8f0a06f11bd81febbc3db72f00

    • SSDEEP

      1536:9a5wbSkdDWAlOrIIWRk+DlhWSJJYwAHHQwVxtDO/AYLBRXgQEl5AGqm/:9a5wbZWTxWRXgCZyw4DO4+g73eK

    Score
    1/10
    behavioral10behavioral9

    • Target

      SharewareRemain/Pty

    • Size

      96KB

    • MD5

      0aeaf7a47e2f901985fd29749c000421

    • SHA1

      4c0a3222915a9c3d6b8893b1da62e39aaa603be7

    • SHA256

      f3f8b0a519e6bb8d5954bb59c26d8057e6ee6f0cccf9f875a6e88b377f69e1b1

    • SHA512

      6cce566f5ddeaf02370f182dda3540b73266db2b410e01c0c12490891edc8deafdeee0244e19ebc913bef941ba2086708e97d64c4af2ebe5e3696ffe633d31ab

    • SSDEEP

      1536:s+FR7fkn8aO4jsRt8DZgugx19mzE4r2OcOQO2lb98HsBw+RKZE/KTyAs8kqv7DtA:s4Dkn8aO4jct8dL8mzE4rJcnOWB8Hs60

    Score
    1/10
    behavioral11behavioral12

    • Target

      WonderfulMotherboard/Bibliographic

    • Size

      55KB

    • MD5

      280bdc4be58eaa596e1ec62ae235f22f

    • SHA1

      fec17450e06dd925d8518a99badd71f37a52bc05

    • SHA256

      7de19915e5cc8829aceb364472aede850331594ed63424eb0afeafa2222e6cb3

    • SHA512

      f7dd0a9ff2d10a2775fdaf1a69a09a1a206720ba70dda14756da8ba74b5b6b1a154a2448a2e7c93c8824e0afd32a37e79241c754795fd989c10366bdf831814d

    • SSDEEP

      768:l9tffes7P4cQgvAcQO7JQTrEtZ2kz8C8mJegt8bNNr+bmcrigFMR54L+b5IvtElG:TD4kdqz+SZwbmc5FMULgsKlfFVBwBGnG

    Score
    1/10
    behavioral13behavioral14

    • Target

      WonderfulMotherboard/Jobs

    • Size

      477KB

    • MD5

      db99d509eea8e74016a859e962284bd4

    • SHA1

      9ac1705e3390a39f2b3fed4bbfdf5d039d379bce

    • SHA256

      4fab93edc91df9eceb230f5fbe9d8814906fa4df13fb12b07d9aa58525c0623d

    • SHA512

      262e5ce2aec3d07a33e41e4136f7f13802b5f6e348c73ca4b7f4e82a6ba603711939f6123021c1e19f638bf64b98ce9ad35c3b10ea5752c3d5789edc75a4384e

    • SSDEEP

      12288:ow6WCyAILXG8IKY6IG7Minz67u5EToKT/l0nGbcIOI6Xf/S4+:ow6WCyLC1KTIgX6K0xpOPCN

    Score
    1/10
    behavioral15behavioral16

    • Target

      Absorption

    • Size

      105KB

    • MD5

      a4ff480dc521cbe2c5303d2a75b0c4f8

    • SHA1

      8e3b37993a29f7f2495f1e33fae2946181fca60b

    • SHA256

      d27172de727eae0550882c9d09c123679b16c0b579497e71213c473daed602cd

    • SHA512

      907a2018c19bbf93d40f825d915b2ec3b4f7f6cc402a63af741d3a871d243e4ff097727d1f3c6d10e0a1a0e69b7be8334622a00196a822a178ff899eae861eee

    • SSDEEP

      3072:kqVnBypIbv18mLthfhnueoMmOqDoioO5bLezW9FfTut/Dde6n:xVnjphfhnvO5bLezWWt/Dd3n

    Score
    1/10
    behavioral17behavioral18

    • Target

      Bonus

    • Size

      17KB

    • MD5

      8347978dbfde43a95954878c8156d261

    • SHA1

      4b7155589fce91fdeca5af5276aedaad873c8465

    • SHA256

      02e7fc76c0cbbb131335a1ae5279e7d39dfdf49cfe24a0ec5dd3711954e1a8b9

    • SHA512

      9d1fdb47e5fb56a294235c22587965d5e510069a4ae1fbccb0007bb97e891b6357b3942b591cfbd8f392481f96ce62a69c7180a2069ff39ed0b9924193590e2f

    • SSDEEP

      384:bn929MwO/ChZrzmZGhLdXVaeCVrVEVFJ8ZcGwGBk7/UMQ3rw:7uO/ChgZ45VatJVEV3GPkjF

    Score
    1/10
    behavioral19behavioral20

    • Target

      Carefully

    • Size

      145KB

    • MD5

      f11ac72a65beff74ce058b08760c5918

    • SHA1

      738f5c21aefbaf41ac82878e8aa080f1293c863f

    • SHA256

      90f2a9cdc6ea437315fbf4a25625353e1d05261d3244be0a7b3ce61537d3e35a

    • SHA512

      94bf6336710fe4aac45054e0d59c3b334d3d0eeb1c078c9e81f571cdd72f3210e6482f70a854864367b62bbb4a50293f270f88fd04b2b21bd4c7a0e4c66fb332

    • SSDEEP

      3072:u640ewy4Za9coRC2jfTq8QLeAg0Fuz08XvBNbjaAtsPB:14V14ZgP0JaAOz04phdyJ

    Score
    1/10
    behavioral21behavioral22

    • Target

      Degrees

    • Size

      67KB

    • MD5

      d9f233e220d96e0f59801baef6b60b0a

    • SHA1

      908c77dc92680cbb25e37bff0410cf83bb212297

    • SHA256

      cb3609f8b2f03d46f93a31dd0934f7248f7de5c2143a3a4442dda08c4bc22dae

    • SHA512

      7c66e302f9a66c14bf8a7f3f0c7e73a19c7dac41152971930cf8e4b1b0d70cd1d696ae74c40b06ed6b72a21f9cea04a9a4559d8182b1d752e4cef56a6db02361

    • SSDEEP

      768:Hr8qcDP8WBosd0bHazf0Tye4Ur2+9BGmd9OTGQ1Dv7sMvLHfR/ZByLi9:HrDWyu0uZo2+9BGmdATGODv7xvTphAi9

    Score
    1/10
    behavioral23behavioral24

    • Target

      Minnesota

    • Size

      80KB

    • MD5

      1a7c08fe259b01f6b5157eff4a799c57

    • SHA1

      a3fddbedd188db445fdb949991ec68e764d50ea3

    • SHA256

      1a632c6db3b1b5c55d70117068aa553a55551b8b977f0a8fa3af780ab344ff11

    • SHA512

      cd2d0155db904d94c84e8a6fd315974dfe32f7dfa9fe7f9e9eb8ac2336e3cd67e1f05d17ed62a775fbdb86eab239e400c2d7c4a6dc939ed0a9992b4b3f15865f

    • SSDEEP

      1536:v/AD1EsdzVXnP94SGGLpRB6M28eFvMVpYhWoXElJUzdlDfFgQa8BpDzX:ng5PXPeiR6MKkjGWoUlJUPdgQa8Bp/X

    Score
    1/10
    behavioral25behavioral26

    • Target

      Physician

    • Size

      116KB

    • MD5

      11802058b36e883192010392113a7be0

    • SHA1

      99ddd20efc61a04a47456bd02ba25e64a91f7326

    • SHA256

      c4c65f1c1a2a2853203b8ce41b82d8872b05b5f0d7e45fdeaeee17d22ffeceb5

    • SHA512

      5cb6fe3ef779a8a333d0c5c5a5a3fdbde0475812613f8e18d700c9eedc12e2063cdf769c434c81026854177c720921661305cf1ae713d1ec5b9e1081f1ca57c1

    • SSDEEP

      3072:6PtCZEMnVIPPBxT/sZydTmRxlHS3NxrHSBRtNPnU:oCOMVIPPL/sZ7HS3zcNPU

    Score
    1/10
    behavioral27behavioral28

    • Target

      Postcard

    • Size

      77KB

    • MD5

      61d04b2f6df79b47d60a0356c2bee770

    • SHA1

      500ea5ed75e0387cfd427e0e9cc3798bb027315a

    • SHA256

      7443e5fd09c2c710bc4cdc07186133d9ae4b4f6425bad3028c878251feea2fdc

    • SHA512

      77b0398aa5962932c7fb8e325f6eb0e3796d6adc12a85e15938b9a65b37e8a98a839ed5971e0aadfcc48f139192750e1639b898cb641cc82a500a93386779716

    • SSDEEP

      1536:eSDOSpZ+Sh+I+FrbCyI7P4Cxi8q0vQEcmFdni8yDGVF3:ZDOSpQSAU4CE0Imbi8F

    Score
    1/10
    behavioral29behavioral30

    • Target

      Printed

    • Size

      104KB

    • MD5

      e4a398fbbb5f4c6416522392f2e81721

    • SHA1

      ae26032aaace2fb65793aaa7effbb2b4d14bef13

    • SHA256

      47eef8c60010563d740aa63397fb8124c4fa9d0ca66f4c331643b53cdb54f9eb

    • SHA512

      04075e3e2f1528d8127fd29d8ec5af7ce477fa3551948319b16bb36b05074930fe63d56cee172ca87ef93e147a3cedc8cff4f4bd8a72888dcb2f7cec8131a7a5

    • SSDEEP

      3072:q0nEoXnmowS2u5hVOoQ7t8T6pUkBJR8CThpmESv+T:q0nEo3tb2j6AUkB0CThp6v2

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

lummadiscoverystealer
Score
10/10

behavioral2

lummadiscoverystealer
Score
10/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10