lumma | d59bc73103668278d2831c989d841bc931edda65b0ea30c710fb33be0145fd89

Sharing

Copy URL

Twitter E-mail

General

Target

Setup.zip
Size

131.8MB
Sample

250314-3c5hes1ths
MD5

d762e8328c3ed78cae70e028469dfa8e
SHA1

50eede0298e6d8c90f16f6729134a33fb834934f
SHA256

d59bc73103668278d2831c989d841bc931edda65b0ea30c710fb33be0145fd89
SHA512

736159272134c086a32e0e2b6443145020ac09776f891fbc01326e9e06d6bd5fa302ec062208393d29e3c9ffeef73c0b7536f525db073759d8d7202881480dcb
SSDEEP

3145728:9ywthrB+ClwMJ0dGFJG7JOVcOgcmsr25R8KGave7R:95tNQYJqGF1aOJi561aGR

Score

10^/10

Malware Config

Extracted

Family

lumma

https://citydisco.bet/api

https://crosshairc.life/api

https://mrodularmall.top/api

https://xjowinjoinery.icu/api

https://legenassedk.top/api

https://htardwarehu.icu/api

https://cjlaspcorne.icu/api

https://bugildbett.top/api

https://weaponrywo.digital/api

https://cmenuedgarli.shop/api

https://w-crosshairc.life/api

https://3vjowinjoinery.icu/api

https://thtardwarehu.icu/api

https://2bugildbett.top/api

Targets

- Target
  
  Extreme Injector.exe
- Size
  
  120.5MB
- MD5
  
  9465dfab9cfd6274566a8c9827d7b9b8
- SHA1
  
  9e09efedff13c628c4c4e3a1f1312db131950545
- SHA256
  
  b35d90ba8353265bcb6eb46afd27bca25cbffc4cc3cba19e659fb72ac2d20446
- SHA512
  
  c476903eea21d12a91aa6d741bd21490e99e29d4cd47e508fdff940725ff0309005a8ed3e18d3b54a9ae6f179fdc7d435a8b061172c17638bf80082c0f936516
- SSDEEP
  
  12288:zAJ0SiRi56OdcPe1Ja4AUL/t+ijFju2qsuVo:80S492/hB+ijFHduu
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Qt5Gui.dll
- Size
  
  4.8MB
- MD5
  
  d9b78f4b2f8f393c8854c7cc95eae5d8
- SHA1
  
  8d648e7bda5b6bf7b02041189b9823fe8d4689e5
- SHA256
  
  55faebb8f5e28cde50f561bbd2638db7edcfd26e7ee7b975e0049b113145ae38
- SHA512
  
  6e76b524a56cc9bb5ae4beeedd41a48c35cf03c730752da3cae49862cb7bc3c17283099c39787f5933c1771eca7c2e651d92b961de7f43813f026eb295c90c81
- SSDEEP
  
  49152:PcLeg66Ry8jdAYbppzo7Tzj1/JrRbkwW6Ydzzr3YCWizxCqDRkU9i4g1/JAyn:kLrBpr1o7bRyfdzzxz0NTA4
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Qt5Network.dll
- Size
  
  840KB
- MD5
  
  0fdda3a8c8be28993b156b24b300ccdf
- SHA1
  
  57fe6cfd0b28708d23ae560675d4c462127722c8
- SHA256
  
  335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1
- SHA512
  
  4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453
- SSDEEP
  
  12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Qt5Svg.dll
- Size
  
  253KB
- MD5
  
  06cc5d18a496520e05bcfee1e3169535
- SHA1
  
  98ba5d0ed52499a845038c3b4bcba356b9339f11
- SHA256
  
  ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360
- SHA512
  
  154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe
- SSDEEP
  
  6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Qt5Widgets.dll
- Size
  
  4.3MB
- MD5
  
  f697ffc85fb86d72654c4f5ba4e1bdc2
- SHA1
  
  670657f598d408ab232dec75be6fc7983bc5ce4b
- SHA256
  
  400fa69aa8803f6c3a6f9a5fc956475d0396095c4b6d4665b7aa29bbcb8e3640
- SHA512
  
  47513892c22a193c51ecf09c8f3e4c4271a92be33b7b7d535290ea75a1498c5531881a26a85dbf758361e6892abf12a796f1c5c284a34f1d173d61d2012325b7
- SSDEEP
  
  49152:Zhk8cs4FhK1FKBxR8Lcdm0OTqZ7uA/GrXHIaTU+cDZ0V37SUJ:7k8ymoBxKAdmL8yONaQi32UJ
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Setup.exe
- Size
  
  485KB
- MD5
  
  3a69ddb5e4380286143054fb5ec33002
- SHA1
  
  b8fde1d312025a8b8c4cd9f562f3e379bc058afc
- SHA256
  
  00841e878ca166421fd11488b34576cb2910137c5ad94d1950c11bd2131ae0dc
- SHA512
  
  1c20848d194972e4894f96561cde864cfb248210cc3cc4a0c3bde8dcee79d7ca79351dc6db29ca4b6c257ec408d1a02294e5d8c92dffea9441a1a3aff194069e
- SSDEEP
  
  12288:DAJ0SiRi56OgIuETl5qGlsecGHaRsuAVHETqpVEe1v3WxAo:s0S4gtTTlkG6FDmp7QAo
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral11 behavioral12
- Target
  
  msvcp140.dll
- Size
  
  731KB
- MD5
  
  45ad5195977a46b165bb96887ac206de
- SHA1
  
  ade19c68fc90514a987760f3a0fe881bc2dc3bc4
- SHA256
  
  60bffec055dcee0eed7c3d2820fb501f81e022a2911f7b01f5ad71bd130f2c12
- SHA512
  
  643bb1a63211dcd8ec62f15740934039b7dead7e823688f50598657fa870f74c3e25c245b50108dc1fda0f0887105f398f8d62a56f6aa3f652368f48abc6e6f6
- SSDEEP
  
  12288:OCF7Zcy+NjkHtlzigWBqf/qq3R5W8ZB4zmRzbaTsViRUF9TZ:F7iy+1k99f93PW8ZBS+zbm7sr
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14