General

  • Target

    8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b.zip

  • Size

    17.7MB

  • Sample

    250127-s8texswjaz

  • MD5

    2b5c0647b348d4be52a88a47e99d6281

  • SHA1

    701b5af7144a9d647051197f4ffea6e2e0863573

  • SHA256

    8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b

  • SHA512

    6e978c8259ec8c49b64d80a5340c41766f3afc06f8e8cbee16bbb41d5e0cd08c6bddf5cc75e136874d24c4f5e0d127472c1cf260495e7109abedebd7fc84937e

  • SSDEEP

    393216:QBVOLtoKiQMG6VsdISxWY38gCdf2fMRiR7o3Laj6pshPa/39Gr31:ZtojtCdou8z2MRiREtWPa/E31

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://snailyeductyi.sbs/api

https://ferrycheatyk.sbs/api

https://deepymouthi.sbs/api

https://wrigglesight.sbs/api

https://captaitwik.sbs/api

https://sidercotay.sbs/api

https://heroicmint.sbs/api

https://monstourtu.sbs/api

https://legislatiu.cfd/api

https://legislat/api
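Turning the extracted C2 list into something a defender can act on is mostly a matter of hygiene: pull the hostnames out of the URLs, separate the ones that are valid public names from entries that are not (the last URL above has a bare host with no TLD, so it cannot be resolved and should not be pushed into a DNS blocklist unexamined), then match resolver logs against the set with a proper subdomain check. The following is an added example, not part of the report or of any vendor tooling; the DNS log lines, the log layout (queried name in the last field) and the `c2_hosts`/`match_dns_log` function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# C2 URLs exactly as listed in the extracted config above.
LUMMA_C2_URLS = [
    "https://snailyeductyi.sbs/api",
    "https://ferrycheatyk.sbs/api",
    "https://deepymouthi.sbs/api",
    "https://wrigglesight.sbs/api",
    "https://captaitwik.sbs/api",
    "https://sidercotay.sbs/api",
    "https://heroicmint.sbs/api",
    "https://monstourtu.sbs/api",
    "https://legislatiu.cfd/api",
    "https://legislat/api",
]

# A well-formed public hostname: dotted labels, alphabetic TLD, 253 chars max.
FQDN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$")


def c2_hosts(urls):
    """Split the C2 list into (fqdns, oddities).

    fqdns are hostnames that can go straight into a DNS blocklist;
    oddities are entries that are not valid public names (the last URL
    above has a host with no TLD) and need a human look, not a rule.
    """
    fqdns, oddities = set(), set()
    for url in urls:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
        (fqdns if FQDN_RE.match(host) else oddities).add(host)
    return fqdns, oddities


def match_dns_log(lines, hosts):
    """Return (qname, matched_host, line) for every log line whose queried
    name equals a C2 host or is a subdomain of one.

    Assumed log layout (constructed for this example): whitespace-separated
    fields with the queried name in the last field. The subdomain check
    requires a leading dot so 'notheroicmint.sbs' does not match
    'heroicmint.sbs'; a trailing dot on the query name is ignored.
    """
    hits = []
    for line in lines:
        fields = line.split()
        if not fields:
            continue
        qname = fields[-1].lower().rstrip(".")
        for host in sorted(hosts):
            if qname == host or qname.endswith("." + host):
                hits.append((qname, host, line))
                break
    return hits


# Constructed DNS log sample (not taken from the report).
DNS_LOG = """\
2025-01-27T10:02:11Z 10.0.0.15 query A snailyeductyi.sbs
2025-01-27T10:02:12Z 10.0.0.15 query A www.example.com
2025-01-27T10:02:13Z 10.0.0.22 query A cdn.heroicmint.sbs
2025-01-27T10:02:14Z 10.0.0.22 query A notheroicmint.sbs
2025-01-27T10:02:15Z 10.0.0.31 query A legislatiu.cfd.
"""

if __name__ == "__main__":
    fqdns, oddities = c2_hosts(LUMMA_C2_URLS)
    print("blocklist:", sorted(fqdns))
    print("needs review:", sorted(oddities))
    for qname, host, _ in match_dns_log(DNS_LOG.splitlines(), fqdns):
        print(f"HIT {qname} -> {host}")
```

The same `fqdns` set is what you would feed to a resolver RPZ or an IDS DNS rule; the `oddities` set is deliberately kept apart so a truncated or malformed config entry never silently becomes a rule that matches nothing (or, worse, something unintended).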

Targets

    • Target

      Qt5Core.dll

    • Size

      6.0MB

    • MD5

      68e600cb754e04557ef716b9ebc93fe4

    • SHA1

      8302ab611e787c312b971ce05935ff6e956faede

    • SHA256

      8f4c72e3c7de1ab5d894ec7813f65c5298ecafc183f31924b44a427433ffca42

    • SHA512

      8bbd7d14b59f01eba7c46a6e8592c037cab73bed1eb0762fc278cf7b81082784e88d777a32f71bc2de128c0186321004bfa4ca68d1bcaa5660694c007219e98e

    • SSDEEP

      98304:cE5jJSnL0VxTOnyJJsv6tWKFdu9Cs/CzYnxqfRgw:cE5NSn0xLJJsv6tWKFdu9CMkexqfRF

    Score
    1/10

    • Target

      Qt5Network.dll

    • Size

      1.3MB

    • MD5

      375f1024c7b1d57a549ae13ee43f0251

    • SHA1

      870f80500d067de505cda1496bb1cb4707f7ca6b

    • SHA256

      42be1410c01d758949fef6ee9bfc2fa25d0720cf6613c4ef953ad339601c215f

    • SHA512

      49f6a9d21c38784690aae673708d9eddfec7de383ae659ba7ec1261dd426d4c18e26803ff801fafc5568131b93cf56deade25575b498422bbb02d270313e5da0

    • SSDEEP

      24576:nO51NG2bq1mhQpCR4SSUVxiKZivazsu3pUlSuMEFR+PoT0lCU:X4hQoRpSUVYKZqesu3pUlNMEePoT0E

    Score
    1/10

    • Target

      Setup.exe

    • Size

      5.4MB

    • MD5

      ad2735f096925010a53450cb4178c89e

    • SHA1

      c6d65163c6315a642664f4eaec0fae9528549bfe

    • SHA256

      4e775b5fafb4e6d89a4694f8694d2b8b540534bd4a52ff42f70095f1c929160e

    • SHA512

      1868b22a7c5cba89545b06f010c09c5418b3d86039099d681eee9567c47208fdba3b89c6251cf03c964c58c805280d45ba9c3533125f6bd3e0bc067477e03ab9

    • SSDEEP

      98304:o/zx+riUDpJowboU+XEsumY2XW6jBYeZ1ER:2x+riUDwUj12X1tY5

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      libcrypto-1_1-x64.dll

    • Size

      2.7MB

    • MD5

      28dea3e780552eb5c53b3b9b1f556628

    • SHA1

      55dccd5b30ce0363e8ebdfeb1cca38d1289748b8

    • SHA256

      52415829d85c06df8724a3d3d00c98f12beabf5d6f3cbad919ec8000841a86e8

    • SHA512

      19dfe5f71901e43ea34d257f693ae1a36433dbdbcd7c9440d9b0f9eea24de65c4a8fe332f7b88144e1a719a6ba791c2048b4dd3e5b1ed0fdd4c813603ad35112

    • SSDEEP

      49152:KlOh5PuX2I9Rkf5gnQ7duzGuqFCtLQ2IqNPz38JQ41CPwDv3uFfJ:Q2Irkn2Iqt38C41CPwDv3uFfJ

    Score
    1/10

    • Target

      libssl-1_1-x64.dll

    • Size

      669KB

    • MD5

      4ad03043a32e9a1ef64115fc1ace5787

    • SHA1

      352e0e3a628c8626cff7eed348221e889f6a25c4

    • SHA256

      a0e43cbc4a2d8d39f225abd91980001b7b2b5001e8b2b8292537ae39b17b85d1

    • SHA512

      edfae3660a5f19a9deda0375efba7261d211a74f1d8b6bf1a8440fed4619c4b747aca8301d221fd91230e7af1dab73123707cc6eda90e53eb8b6b80872689ba6

    • SSDEEP

      12288:PcPPRr7K55yAAKDNkk1+cFc+CmRkS9/+wDe1rlXiE4D9u3AG3UQjA5WU2lvz:2N43+cFcmYhXixo7708U2lvz

    Score
    1/10

    • Target

      msvcp140.dll

    • Size

      564KB

    • MD5

      1ba6d1cf0508775096f9e121a24e5863

    • SHA1

      df552810d779476610da3c8b956cc921ed6c91ae

    • SHA256

      74892d9b4028c05debaf0b9b5d9dc6d22f7956fa7d7eee00c681318c26792823

    • SHA512

      9887d9f5838aa1555ea87968e014edfe2f7747f138f1b551d1f609bc1d5d8214a5fdab0d76fcac98864c1da5eb81405ca373b2a30cb12203c011d89ea6d069af

    • SSDEEP

      12288:RBSNvy11qsslnxU/1ceqHiNHlOp/2M+UHHZpDLO+r2VhQEKZm+jWodEEVAdm:RBSDOFQEKZm+jWodEE2dm

    Score
    1/10

    • Target

      msvcp140_1.dll

    • Size

      34KB

    • MD5

      69d96e09a54fbc5cf92a0e084ab33856

    • SHA1

      b4629d51b5c4d8d78ccb3370b40a850f735b8949

    • SHA256

      a3a1199de32bbbc8318ec33e2e1ce556247d012851e4b367fe853a51e74ce4ee

    • SHA512

      2087827137c473cdbec87789361ed34fad88c9fe80ef86b54e72aea891d91af50b17b7a603f9ae2060b3089ce9966fad6d7fbe22dee980c07ed491a75503f2cf

    • SSDEEP

      384:z1vZLMtUYqOoKFYpWcm5gW/ki0pSt+eB+Hj+R9zUkUTRtHRN7SoHR9zui5TJ:zpCtzqOjKYWi0QKHji9zSRtnx9zJTJ

    Score
    1/10

    • Target

      opengl64.dll

    • Size

      17.7MB

    • MD5

      0a84667145e7efef026c888d4b768126

    • SHA1

      27673e1bd7c55bba6eaa37620d3b3820ce45d46a

    • SHA256

      dd575f3c64382193610815909bd2c52490244ecbbb9bba6eef5fe4f0bb43bb4d

    • SHA512

      3e964c996ed358787c4dfdb965a00b38b4118c804ae1bf8d32aeb7d936584e72c188e3fa0d27d1c2ffd3be13dca8045b08b28b15070812c195d82d1bf23a2604

    • SSDEEP

      393216:PXhbUNnoBP98OQ//aXUszfTBHCOUZ2UenCDkOH2:PXhNB4nlW

    Score
    1/10

    • Target

      steam_api64.dll

    • Size

      291KB

    • MD5

      6b4ab6e60364c55f18a56a39021b74a6

    • SHA1

      39cac2889d8ca497ee0d8434fc9f6966f18fa336

    • SHA256

      1db3fd414039d3e5815a5721925dd2e0a3a9f2549603c6cab7c49b84966a1af3

    • SHA512

      c08de8c6e331d13dfe868ab340e41552fc49123a9f782a5a63b95795d5d979e68b5a6ab171153978679c0791dc3e3809c883471a05864041ce60b240ccdd4c21

    • SSDEEP

      3072:504VEQ2u/niy9UVLCe9ZqdrP+VXvv+sJYB2RHKBi65lhTbCc+hnvvEyP7yq+uei1:QZu/i874ZcrMv2cRh7yqO2CPLHxYq8/B

    Score
    1/10

    • Target

      vcruntime140.dll

    • Size

      106KB

    • MD5

      49c96cecda5c6c660a107d378fdfc3d4

    • SHA1

      00149b7a66723e3f0310f139489fe172f818ca8e

    • SHA256

      69320f278d90efaaeb67e2a1b55e5b0543883125834c812c8d9c39676e0494fc

    • SHA512

      e09e072f3095379b0c921d41d6e64f4f1cd78400594a2317cfb5e5dca03dedb5a8239ed89905c9e967d1acb376b0585a35addf6648422c7ddb472ce38b1ba60d

    • SSDEEP

      1536:BcghDMWyjXZZIzpdbJhKm6Kuzu8fsecbq8uOFQr+zMtY+zA:BVHyQNdbJAKuzRsecbq8uOFvyU

    Score
    1/10

    • Target

      vcruntime140_1.dll

    • Size

      48KB

    • MD5

      cf0a1c4776ffe23ada5e570fc36e39fe

    • SHA1

      2050fadecc11550ad9bde0b542bcf87e19d37f1a

    • SHA256

      6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47

    • SHA512

      d95cd98d22ca048d0fc5bca551c9db13d6fa705f6af120bbbb621cf2b30284bfdc7320d0a819bb26dab1e0a46253cc311a370bed4ef72ecb60c69791ed720168

    • SSDEEP

      768:a0Q4HUcGJZekJSam1BbuBSYcCZbiLzlSHji9z4GwZHji9znwT:afnDex5izbiLzlE+z4Gwl+zwT

    Score
    1/10

    • Target

      x64/trading_api64.dll

    • Size

      282KB

    • MD5

      2bca4e2c047ec969cb3cff277e7fc184

    • SHA1

      c4b5b00b605e59c6fdcb6731f2e53069506e287a

    • SHA256

      f1eb582e607a1e43cdb1654bfb7cb29ad46f6728b3fb89a14f7727e0e8daab69

    • SHA512

      3819178ec650298157b1d67317e0895cb92709b106d0d8525921e341eba5e960f42434e010066bb405f1ba1619adff1a645ede58e16c4b2d88df2c90611a6cb5

    • SSDEEP

      6144:Aa0EKzmilQBrUssevOkHcAxilMrCynC0bcLd1x:B0EZbr3se1SynC9x

    Score
    1/10

    • Target

      x64/tradingnetworkingsockets.dll

    • Size

      4.1MB

    • MD5

      3cf26ce759c5e261fe3ecc6451b8b08e

    • SHA1

      b5da110034fe394a4020367404534903764473fe

    • SHA256

      fc4a65ff603bf1f4bfe323de1866145ae1e006aa656799fd134dfa63d92d47c1

    • SHA512

      e7b543483f38bb6338490b5c8f5da6f95e0d78b45f2b26d898cc3b58cf7c359952bfe413414cb6cd1532c3c6fd7a860026b2bec7b6d0ddfbee9a1385a62e14f2

    • SSDEEP

      49152:kGtlqhcIU6ilVwASObX9F+LWDumqrJjAZVT4kmrqEUAYVxkG3q+XRQsmqkALD4z4:M+dl7+8z1mqkA8lv0bH1bBGZZs

    Score
    1/10
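Only one member of the archive, Setup.exe, carries the 10/10 score and the Lumma behaviour; the remaining members are runtime and framework libraries the sandbox scored 1/10. A hash-based triage should therefore distinguish the dropper hash from the bundled-library hashes: blocking the low-scored DLL hashes would flag every package that ships the same library build. The script below is an added example, not part of the report; it copies the per-file SHA256 values and scores from the Targets table, hashes each member of a zip, and matches by hash rather than by filename, so a renamed copy of the dropper is still recognised and a same-named file with different bytes is not assumed to be the same. The stand-in archive contents and the `demo_report` used to exercise the match path offline are constructed (the real member bytes are not on the page).

```python
import hashlib
import io
import zipfile

# Per-file SHA256 and sandbox score, copied from the Targets table above.
REPORT_FILES = {
    "Qt5Core.dll": ("8f4c72e3c7de1ab5d894ec7813f65c5298ecafc183f31924b44a427433ffca42", 1),
    "Qt5Network.dll": ("42be1410c01d758949fef6ee9bfc2fa25d0720cf6613c4ef953ad339601c215f", 1),
    "Setup.exe": ("4e775b5fafb4e6d89a4694f8694d2b8b540534bd4a52ff42f70095f1c929160e", 10),
    "libcrypto-1_1-x64.dll": ("52415829d85c06df8724a3d3d00c98f12beabf5d6f3cbad919ec8000841a86e8", 1),
    "libssl-1_1-x64.dll": ("a0e43cbc4a2d8d39f225abd91980001b7b2b5001e8b2b8292537ae39b17b85d1", 1),
    "msvcp140.dll": ("74892d9b4028c05debaf0b9b5d9dc6d22f7956fa7d7eee00c681318c26792823", 1),
    "msvcp140_1.dll": ("a3a1199de32bbbc8318ec33e2e1ce556247d012851e4b367fe853a51e74ce4ee", 1),
    "opengl64.dll": ("dd575f3c64382193610815909bd2c52490244ecbbb9bba6eef5fe4f0bb43bb4d", 1),
    "steam_api64.dll": ("1db3fd414039d3e5815a5721925dd2e0a3a9f2549603c6cab7c49b84966a1af3", 1),
    "vcruntime140.dll": ("69320f278d90efaaeb67e2a1b55e5b0543883125834c812c8d9c39676e0494fc", 1),
    "vcruntime140_1.dll": ("6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47", 1),
    "x64/trading_api64.dll": ("f1eb582e607a1e43cdb1654bfb7cb29ad46f6728b3fb89a14f7727e0e8daab69", 1),
    "x64/tradingnetworkingsockets.dll": ("fc4a65ff603bf1f4bfe323de1866145ae1e006aa656799fd134dfa63d92d47c1", 1),
}


def sha256_hex(data):
    """SHA256 of a byte string as lowercase hex, the form the report uses."""
    return hashlib.sha256(data).hexdigest()


def triage_archive(zip_bytes, report=REPORT_FILES):
    """Hash every file member of a zip and classify it against the report.

    Verdicts: 'flagged' for a hash the sandbox scored 10/10,
    'bundled-low-score' for a hash scored below that (a bundled library;
    not a blocklist candidate), 'unknown' for anything not in the report.
    Matching is by hash only, so filenames inside the archive are not trusted.
    """
    by_hash = {digest: (name, score) for name, (digest, score) in report.items()}
    results = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            digest = sha256_hex(zf.read(info))
            name, score = by_hash.get(digest, (None, None))
            if score is None:
                verdict = "unknown"
            elif score >= 10:
                verdict = "flagged"
            else:
                verdict = "bundled-low-score"
            results[info.filename] = {
                "sha256": digest, "matches": name, "score": score, "verdict": verdict,
            }
    return results


def build_sample_zip(members):
    """Build an in-memory zip from {member_name: bytes}; used to construct test input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed stand-in contents; the real member bytes are not on the page.
    members = {"Setup.exe": b"stand-in dropper", "Qt5Core.dll": b"stand-in qt", "notes.txt": b"x"}
    sample = build_sample_zip(members)
    # Against the real report the stand-ins match nothing: every member is 'unknown'.
    print({n: r["verdict"] for n, r in triage_archive(sample).items()})
    # A constructed report that hashes the stand-in bytes exercises the match path offline.
    demo_report = {"Setup.exe": (sha256_hex(members["Setup.exe"]), 10),
                   "Qt5Core.dll": (sha256_hex(members["Qt5Core.dll"]), 1)}
    for name, r in triage_archive(sample, demo_report).items():
        print(f"{name:<14} {r['verdict']:<18} matches={r['matches']}")
```

In practice only the `flagged` hash belongs in a blocklist; the `bundled-low-score` entries are still useful as context (they tell you the archive was assembled the same way as this sample) but should not trigger on their own. Also keep in mind that a single-byte change to the dropper gives a different SHA256, which is why the report also carries SSDEEP values for similarity matching.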

MITRE ATT&CK Enterprise v15

Tasks