lumma | 32f3694f46fac88ae8313e6edefbfe0cd65cf156f1dac842cca5b24fe6b9395c | Triage

Sharing

General

Target

Mod Menu V5.78.zip
Size

10.0MB
Sample

250127-s9zy4awphl
MD5

1a8e7e87e6a3007aa44b3d064b24f5b6
SHA1

37e45bfbbe6f3a50f2ddef3a1b163455b566bcbf
SHA256

32f3694f46fac88ae8313e6edefbfe0cd65cf156f1dac842cca5b24fe6b9395c
SHA512

60aff1247e990122b230a81abcfd591f07e77ce53845488897a9857db3141de426be598cbd12c946caac163050299373fc48e9fd5865535dd67db2cb1a936b9f
SSDEEP

196608:wN7ETgvAwKOsoZiJFBrWuPcu0wLZaJGBM7CEVWcHUSW6Epytp7W5GzympTyvl:SEkdY7UuEBwLZbBMgcHJkytZ+kTTyN

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  Mod Menu V5.78/Bin/x32.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
- SSDEEP
  
  49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
Score

1^/10
behavioral1
- Target
  
  Mod Menu V5.78/Bin/x64.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
- SSDEEP
  
  49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
Score

1^/10
behavioral2
- Target
  
  Mod Menu V5.78/Loader.exe
- Size
  
  405KB
- MD5
  
  1c03aae8e21895221419d2a00fde1b5d
- SHA1
  
  79398e347992e34a9ab5718784e6be5a1a4ed44e
- SHA256
  
  5bb572740d94a5d8547ed2fbbc2e057b2ec62642e605f2be031f72acfc583e16
- SHA512
  
  cf41a931c3bec135758dd793e62c16a50889453c47b5b93e161649bc44c45b0ee55f453197c3199955f4b57a57e6ccc10ddfb6539fe2275e39eb7cb5c16e9937
- SSDEEP
  
  12288:qg5h8PsB08OB4zmxrjeRB+MUsoMPZGn8/lB:qg5iEBSeRB++PZGnIn
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral3 behavioral4
- Target
  
  Mod Menu V5.78/WinDivert.dll
- Size
  
  23KB
- MD5
  
  66028ed384c62b3b4ab851809d38881e
- SHA1
  
  81924fc6409a9ee00623332cc77827633bb3cc1a
- SHA256
  
  a97859785a2df1d4462e7d48d33ccbd89fedd40dac4970f4afd89e63f59ee1ec
- SHA512
  
  7a86faf0057db3e9ed78cfa1569154990d0a7eec3da1ca30ff79229745355a1ada4304b8d2b5228cb98afb21786c92eee959067ae9f0bf518af9c5aead3c9159
- SSDEEP
  
  384:yFeZ7IibcWUhRRD0qbk91c8bKKvBRseZPFMejOcD3PmH9vRQxVzE:ygEeSRR158b/dIYPWvRq
Score

1^/10
behavioral5 behavioral6
- Target
  
  Mod Menu V5.78/d3dcompiler_47.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
- SSDEEP
  
  49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
Score

1^/10
behavioral7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer

behavioral5

behavioral6

behavioral7