lumma | 9077ef03723211f1f5cb3f26bc292f162d5de9900778042db47d74e437216142

Sharing

Copy URL

Twitter E-mail

General

Target

file.zip
Size

8.0MB
Sample

250131-njcnnatqhw
MD5

8a45b21de5ec621169f2e77ae96d2faf
SHA1

699046761789e3b1e18468e509f670b3347e67a3
SHA256

9077ef03723211f1f5cb3f26bc292f162d5de9900778042db47d74e437216142
SHA512

c045e0e6513e85ca4416982de9d83ed4565d811c6532ad1ccbc4c827aed85bd31a014df164a87e9e7cc7a2908e50d82c821d553da5e273f62151fda85292a463
SSDEEP

196608:qNGr8htl3e+frAhtFmcQiFa+vwKo5kO6EeeZ8FGS2aTvapOcvE2IhMRG:4U4tJL8C+vPyhTooEdOo

Score

10^/10

Malware Config

Extracted

Family

lumma

https://toppyneedus.biz/api

Targets

- Target
  
  Update.exe
- Size
  
  31KB
- MD5
  
  baf1e75bb5c5ffd9cb53faa57e14d7af
- SHA1
  
  79212880f0b3ffa8e6c835006ec16b14fff627a5
- SHA256
  
  acfb96912aa38a28faa4c5acbcc976fb3233510126aa40080251db8a8eebafb4
- SHA512
  
  27765470da65dd3183d6ae61f39cf649d7eba58cef4a531febb2fe26053ff48278211c479d037fa81b305abe6e1707af9741f45244587aaffed3d0cdc3f82abb
- SSDEEP
  
  768:sVkVCoCZhBjktlDpL8bEpYia179N2UYih79wvjeEd4m:qkVxCZhBjkt17at9Nz7h9IB
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  VBoxRT.dll
- Size
  
  3.9MB
- MD5
  
  163087045ef266bddc003d5b354fa21b
- SHA1
  
  74356b435b255d92f31486c18d8ea8aaa900ca2c
- SHA256
  
  e500d1f6943149a847558aceb6a06e323875e2b3da6b00233a764d80d46eeb0d
- SHA512
  
  24e207b8158dd0f87b5ea24c036fd7cf52fa267c4b8bc58c4e27664975a5aaa1b9d1ee585bff732befdf4a07fc564437ac689e0f3c14377fa9513d636981585d
- SSDEEP
  
  49152:XW7LuH6e0bEM7v5kpBGbt1nX8ovrdajvUh5Suo5i53snkuyISk2bTiIkD9D:GUOLQEvnI6STiSnkuy/oRD
Score

1^/10
behavioral3 behavioral4
- Target
  
  VBoxVMM.dll
- Size
  
  5.2MB
- MD5
  
  424cef51443f83317b01b316cb91da1f
- SHA1
  
  78f3d04805c0462038975e9d2723338418651e39
- SHA256
  
  2eac54ed7103a71a0912d625eef1735b9e1c73ee801175618db72a5544c10beb
- SHA512
  
  d6f38ee2640ad0069ee5bbd18d0bcda60de4d4aa3e911d5de54dc235c33e424f398a5a9f75cf7c1c11856bba10d47ba29caf6f4d3a9e3752d6b0afa7c22fa6c4
- SSDEEP
  
  49152:mvxxXri6GY6iRt0y1kYVrP1lbhki8IvOL2N9xrC8TctYeJuSjA9sk/IRUnZ95K7V:Yxbi/KrP1lbCImLqHC3FS3ejyAHac
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral5 behavioral6
- Target
  
  api-ms-win-crt-conio-l1-1-0.dll
- Size
  
  12KB
- MD5
  
  c0c8790510471f12f3c4555e5f361e8e
- SHA1
  
  7adffc87c04b7df513bb163c3fbe9231b8e6566a
- SHA256
  
  60bd8f0bd64062292eff0f5f1a91347b8d61fbe3f2e9b140112501770eae0b80
- SHA512
  
  4f71aa0942f86e86f787036dc60eaea33af0c277f03cf1e551aaaba48dad48593bcceeccc359efbf18ef99cf49f2d46b4c17159a531ffb1c3a744abce57219eb
- SSDEEP
  
  192:3YxWOhWVT71ojDBQABJIY0Vqnaj9RlW5EeHA:3YxWOhWuDBRJ2lBRc5Eeg
Score

1^/10
behavioral7
- Target
  
  api-ms-win-crt-convert-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  ebac9545734cc1bec37c1c32ffaff7d8
- SHA1
  
  2b716ce57f0af28d1223f4794cc8696d49ae2f29
- SHA256
  
  d09b49f2a30dcc13b7f0de8242fa57d0bdeb22f3b7e6c224be73bc4dd98d3c26
- SHA512
  
  0396ea24a6744d48ce18f9ccb270880f74c4b6eab40f8f8baf5fd9b4ad2ac79b830f9b33c13a3fec0206a95ad3824395db6b1825302d1d401d26bdc9eef003b2
- SSDEEP
  
  192:ivlUcyTSWOhW2T71ojDBQABJrJXqnajL1dHx3tKCJA3v:i9DyTSWOhW3DBRJxlXBtpO/
Score

1^/10
behavioral8
- Target
  
  api-ms-win-crt-environment-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  c7c4a49c6ee6b1272ade4f06db2fa880
- SHA1
  
  b4b5490a51829653cb2e9e3f6fbe9caf3ba5561e
- SHA256
  
  37f731e7b1538467288bf1d0e586405b20808d4bad05e47225673661bc8b4a9f
- SHA512
  
  62ccdfac19ef4e3d378122146e8b2cba0e1db2cc050b49522bedbf763127cc2103a56c5a266e161a51d5be6bd9a47222ee8bb344b383f13d0aac0baa41eab0ff
- SSDEEP
  
  192:VjHWOhWGT71ojDBQABJAqnajxcRGlPH6Yv:FHWOhWHDBRJAll7PH6Yv
Score

1^/10
behavioral9
- Target
  
  api-ms-win-crt-filesystem-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  bef17bf1ba00150163a2e1699ff5840a
- SHA1
  
  89145a894b17427f4cb2b4e7e814c92457fd2a75
- SHA256
  
  48c71b2d0af6807f387d97ab22a3ba77b85bdf457f8a4f03ce79d13fbb891328
- SHA512
  
  489d1b4d405edbb5f46b087a3ebf57a344bf65478b3cd5fcf273736ea6fdd33e54b1806fbb751849e160370df8354f39fc7ca7896a05b4660ad577a9e0e683e4
- SSDEEP
  
  192:sD81nWlC0i5CkkWOhW+T71ojDBQABJusXqnajL1dHx3tKCJAH5R:sD81nWm5CbWOhWvDBRJvlXBtpOH5R
Score

1^/10
behavioral10
- Target
  
  api-ms-win-crt-heap-l1-1-0.dll
- Size
  
  12KB
- MD5
  
  fbfcf220f1bf1051e82a40f349d4beae
- SHA1
  
  43154ea6705ab1c34207b66a0a544ac211c1f37d
- SHA256
  
  9b9a43b9a32a3d3c3de72b2acca41e051b1e604b45be84985b6a62fb03355e6d
- SHA512
  
  e9ab17ceb5449e8303027a08afdbdd118cb59eaea0d5173819d66d3ee01f0cd370d7230a7d609a226b186b151fe2b13e811339fa21f3ec45f843075cedc2a5c0
- SSDEEP
  
  192:I5CY17aFBR1WOhWZT71ojDBQABJxn0lqnajsl/cqtqA/:I5IWOhWCDBRJclPq8y
Score

1^/10
behavioral11
- Target
  
  api-ms-win-crt-locale-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  2c8e5e31e996e2c0664f4a945cece991
- SHA1
  
  8522c378bdd189ce03a89199dd73ed0834b2fa95
- SHA256
  
  1c556505a926fd5f713004e88d7f8d68177d7d40a406f6ed04af7bacd2264979
- SHA512
  
  14b92e32fb0fd9c50aa311f02763cba50692149283d625a78b0549b811d221331cf1b1f46d42869500622d128c627188691d7de04c500f501acd720cea7c8050
- SSDEEP
  
  192:h91WOhWDT71ojDBQABJSvFCHqnaj9RlW5Eq:h91WOhWADBRJoF8lBRc5Eq
Score

1^/10
behavioral12
- Target
  
  api-ms-win-crt-math-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  77c5cc86b89eed37610b80f24e88dcc2
- SHA1
  
  d2142ecce3432b545fedc8005cc1bf08065c3119
- SHA256
  
  3e8828ab7327f26da0687f683944ffc551440a3de1004cc512f04a2f498520f6
- SHA512
  
  81de6533bba83f01fed3f7beed1d329b05772b7a13ffe395414299c62e3e6d43173762cb0b326ea7ecf0e61125901fcee7047e7a7895b750de3d714c3fe0cc67
- SSDEEP
  
  384:qZVacWM4Oe59Ckb1hgmLVXWOhW9DBRJOsAlXBtpOi:qZVJWMq59Bb1jVx01PI7
Score

1^/10
behavioral13
- Target
  
  api-ms-win-crt-multibyte-l1-1-0.dll
- Size
  
  19KB
- MD5
  
  4394dafed734dfe937cf6edbbb4b2f75
- SHA1
  
  06ec8f1f8dd1eab75175a359a7a5a7ee08d7a57a
- SHA256
  
  35b247534f9a19755a281e6dc3490f8197dd515f518c6550208b862c43297345
- SHA512
  
  33d9c5041e0f5b0913dd8826ceb080e2284f78164effde1dbf2c14c1234d6b9f33af6ae9f6e28527092ad8c2dbc13bddfc73a5b8c738a725ad0c6bb0aa7fcfaf
- SSDEEP
  
  384:m7F7vLPmIHJI6/CpG3t2G3t4odXLJWOhW5DBRJvlXBtpOL0VS:m5/PmIHJI6x41PB7VS
Score

1^/10
behavioral14
- Target
  
  api-ms-win-crt-private-l1-1-0.dll
- Size
  
  60KB
- MD5
  
  18bdfd4b9e28f7eba7cbb354e9c12fcb
- SHA1
  
  26222efacb3fce1995253002c3ce294c7045cf97
- SHA256
  
  3105da41b02009383826ed70857de1a8961daeb942e9068d0357cddd939fa154
- SHA512
  
  7d27eeff41b1e30579c2a813eea8385d8a9569bc1ece5310b0a3f375fba1894028c5cec2cf204e153a50411c5dcf1992e8ac38f1c068c8f8af9bd4897c379c04
- SSDEEP
  
  1536:tt/TFDe5c4bFJcvxXWpDAd3334BkZnwPO4P/V+:tt7FDe5c4bFJcvxXWpDAd3334BkZnwPI
Score

1^/10
behavioral15
- Target
  
  api-ms-win-crt-process-l1-1-0.dll
- Size
  
  12KB
- MD5
  
  7ddd5548e3c4de83d036b59dbf55867a
- SHA1
  
  e56b4d9cfca18fb29172e71546dc6ef0383ac4e9
- SHA256
  
  75f7b0937a1433ea7e7fa2904b02fd46296b31da822575c0a6bc2038805971ef
- SHA512
  
  9fb30ef628741cebbc0f80d07824e80c9c73e0e1341866f4e45dc362fea211d622aa1cffc9199be458609483f166f6c34c68b585efe196d370c100f9c7315e0d
- SSDEEP
  
  192:6WitIqjd7vWOhWqT71ojDBQABJJqnajxcRGlPHXsh:6WitI2WOhWrDBRJJll7PHU
Score

1^/10
behavioral16
- Target
  
  api-ms-win-crt-runtime-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  a3f630a32d715214d6c46f7c87761213
- SHA1
  
  1078c77010065c933a7394d10da93bfb81be2a95
- SHA256
  
  d16db68b4020287bb6ce701b71312a9d887874c0d26b9ebd82c3c9b965029562
- SHA512
  
  920bb08310eadd7832011ac80edd3e12ce68e54e510949dbbde90adaac497debe050e2b73b9b22d9dc105386c45d558c3f9e37e1c51ed4700dd82b00e80410bc
- SSDEEP
  
  192:iGrMUnaPrpJhhf4AN5/KiGWOhW3T71ojDBQABJcGSXqnajL1dHx3tKCJAv+:il42r7QWOhWEDBRJcFlXBtpOW
Score

1^/10
behavioral17
- Target
  
  api-ms-win-crt-stdio-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  c99c9eea4f83a985daf48eed9f79531b
- SHA1
  
  56486407c84beecadb88858d69300035e693d9a6
- SHA256
  
  7c416d52a7e8d6113ff85bf833cae3e11c45d1c2215b061a5bbd47432b2244a5
- SHA512
  
  78b8fd1faada381b7c4b7b6721454a19969011c1d1105fc02ba8246b477440b83dc16f0e0ce0b953a946da9d1971b65315ac29dbb6df237a11becb3d981b16b9
- SSDEEP
  
  192:9rjrvIDmMSNuWYFxEpahlWOhW8T71ojDBQABJqZvKXqnajL1dHx3tKCJA3:Z3vAmiFVhlWOhWRDBRJqZ2lXBtpO3
Score

1^/10
behavioral18
- Target
  
  api-ms-win-crt-string-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  d3d72d7f4c048d46d81a34e4186600b4
- SHA1
  
  cdcad0a3df99f9aee0f49c549758ee386a3d915f
- SHA256
  
  fd8a73640a158857dd76173c5d97ceeba190e3c3eabf39446936b24032b54116
- SHA512
  
  6bf9d2fdc5c2d8cd08bf543ef7a0cdcb69d7658a12bee5601eeb9381b11d78d3c42ef9dd7e132e37d1ec34cc3dc66df0f50aefadfdc927904b520fdc2f994f18
- SSDEEP
  
  384:eoax0C5yguNvZ5VQgx3SbwA7yMVIkFGlkWOhW2DBRJ1lBRc5EKe5:Ds5yguNvZ5VQgx3SbwA71IkFHr1PZRcs
Score

1^/10
behavioral19
- Target
  
  api-ms-win-crt-time-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  a992f1e06c3c32ffe9799d4750af070a
- SHA1
  
  97ffd536d048720010133c3d79b6deed7fc82e58
- SHA256
  
  b401edaac4b41da73356de9b3358dc21f8b998a63413c868510dc734b1e4022f
- SHA512
  
  50bd08680fccff190454e6555e65e2787bdc0e8a9bf711e364eb0b065951c2430559e049202b8f330ac65e9d4cd588349c524a71f700e179859d7829d8e840b8
- SSDEEP
  
  192:PauO/z7kzFDOWOhWfT71ojDBQABJRtJqnaj9RlW5Eo5:PaPEzMWOhWcDBRJVlBRc5EO
Score

1^/10
behavioral20
- Target
  
  api-ms-win-crt-utility-l1-1-0.dll
- Size
  
  11KB
- MD5
  
  cb4a19b88bec5a8806b419cf7c828018
- SHA1
  
  2bc264e0eccb1a9d821bca82b5a5c58dc2464c5d
- SHA256
  
  97e4c91103c186517fa248772b9204acf08fde05557a19efe28d11fb0932b1f7
- SHA512
  
  381edd45ecd5d2bdefd1e3ad0c8465a32620dfa9b97717cadb6a584c9528fed0d599d5a4889962f04908ca4e2b7b4497f0e69d8481ee5f34ea5d9106d99760c3
- SSDEEP
  
  192:5BfHQduWWOhWy1T71ojDBQABJPLtXqnajL1dHx3tKCJAaZ:5Bf8WOhWyODBRJFlXBtpOaZ
Score

1^/10
behavioral21
- Target
  
  concrt140.dll
- Size
  
  336KB
- MD5
  
  65f2e5a61f39996c4df8ae70723ab1f7
- SHA1
  
  7b32055335b37d734b1ab518dcae874352cd6d5c
- SHA256
  
  8032b43bdd2f18ce7eb131e7cd542967081bea9490df08681bf805ce4f4d3aab
- SHA512
  
  0b44153ac0c49170008fb905a73b0ab3c167a75dc2f7330aed503f3c0aedfd5164a92d6f759959a11eceb69e2918cb97c571a82715ad41f6b96888d59973f822
- SSDEEP
  
  6144:apyDXuXmqHSXuphaD1yZ8nOov2s1Scu82F8+nWzgdKQhmV:apyClp+eEu82Qz6a
Score

1^/10
behavioral22 behavioral23
- Target
  
  libcrypto-1_1-x64.dll
- Size
  
  2.8MB
- MD5
  
  d260124015f4513f526363054045f51e
- SHA1
  
  2a1eefa0c3417c8ad9df0ef10557aefa4247c893
- SHA256
  
  588a6fbdc9bcd10eec2ae6602b05339169e424e8d82929759758c1d01a7965b3
- SHA512
  
  305331e0682110c60d5bbb0450f1e3e29fa5a9b435b9715285a5fcd91c7bb568e71ae32aefeae766735edf31f6fe1c91377a688adc3ec8b91aa489ceb8822ea3
- SSDEEP
  
  49152:bfVwASOVWIU6ibwGtlqgCJMzMCrMruXbS5/79X58QGHkG25J4d2PmO22R1CPwDvw:bNx+EJMzRf25z9vm25JeO2i1CPwDv3u5
Score

1^/10
behavioral24 behavioral25
- Target
  
  libcurl.dll
- Size
  
  330KB
- MD5
  
  7c237f5682cf6491413b0d97dd842baa
- SHA1
  
  c1ddd15b662e0df4c0d05cb4d4d0b9f4de55b51f
- SHA256
  
  1fdd8d10b981127e8b1bd351fb4138b467b131906fc2d9a1e9f66d94590061d4
- SHA512
  
  2d00eac5f821aab4a2d9aca2ebb9addaacf45fa85801a41d0d27f1057696196317ba1fc093a2389ed8be2e5f0a805c7cd563f63cfcf46d5eb41849e64d880864
- SSDEEP
  
  6144:9kFapXgcRklD564PnRjmFspk8gZMhRbJxw3omw:wIRktI4PRSF0J1sc
Score

1^/10
behavioral26 behavioral27
- Target
  
  libssl-1_1-x64.dll
- Size
  
  490KB
- MD5
  
  af673a3d9dd234099505cd088898b1a7
- SHA1
  
  db1e93e88aa8f6ebda14c948c86abfea3a6c89d2
- SHA256
  
  75754372b2ce19df8fb989fd92527fe6cd3b559325073344985ef509b13d2054
- SHA512
  
  f99f7433c28eafe36a9abc4ab1b0e9d1ced6534adcf6c0bee08595bb9edbc96be81769912bbb0ce227ce187dbe7bca39a830560ff2d0bcae8fc5df9059f9772d
- SSDEEP
  
  12288:ePJ03yMeDC+ZhxyJScV0zpNdiTZQMm/fUhP89zti5/diRLq51Oxn7+WWvGDMT2g6:Nmegm06npgcmx
Score

1^/10
behavioral28 behavioral29
- Target
  
  msvcp100.dll
- Size
  
  603KB
- MD5
  
  0775f4c382842ce37cf8aa6d55835a6f
- SHA1
  
  6885f7cf2188fb2156b273cc790d23990b71ee9c
- SHA256
  
  4eda2ff10ce9659e78e7b64d90bd7967279924e2328bcd633023e629992e95ac
- SHA512
  
  a8bc64b3b815cfcaf6271ec21eb8896647dd9a71a82aa52af9a66136c61a41ce2b78bcece7b9dd166926931ec5e95148b875c9f4494ff2aee9312fe4b8363587
- SSDEEP
  
  12288:FoBFUsQ1H5FH3YUTd/dfePA7XrNvEKZm+aWodEEGblH7:2FUsQ1H5FHdggrNvEKZm+aWodEEIH7
Score

1^/10
behavioral30 behavioral31
- Target
  
  msvcp120.dll
- Size
  
  644KB
- MD5
  
  72664fbad17678faecae97481e8e783c
- SHA1
  
  8edb9feb6d3a737a88dfd3213965d1ea4f64c3f6
- SHA256
  
  2285fc6fc936c38d124b6ea5585b81ce83de235b460cb27383a15003eb5ca116
- SHA512
  
  2cb7f2fcf69a28f0509fbea632859d82b9ff5d0ec318cf500eddc1f02ef887cfdbee2162eb321ca8f3b0f374930ecf69c97653b16d8dddedd73abe0993b5466e
- SSDEEP
  
  12288:82fus43uu43Ry4GHlT4xH2K+M+/i+WSpY+7YOzCaK9A3gS2EKZm+GWodEEwn6:JuJzCaK9AB2EKZm+GWodEEwn6
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Uses the VBS compiler for execution

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32