lumma | 575b3435debce773faf1403dc24e23d8133e8828ba57a0d680961a61bde1b435

Sharing

Copy URL

Twitter E-mail

General

Target

trading.7z
Size

79.8MB
Sample

250319-lckpksvtdw
MD5

274b6f5fb71fffb82d89a0ee985e3c38
SHA1

b357024a8cdf1c4518db46f7bb3999b9127754d6
SHA256

575b3435debce773faf1403dc24e23d8133e8828ba57a0d680961a61bde1b435
SHA512

f25c3caefaf2fa9eb43ce2b9d4ccf129ac6905cc1f0ce004aaf4042789a319056be834dd5fb8d11e85cccd0e606e4291722476d0d5538ea515d7a0a1571f83bd
SSDEEP

1572864:/7mMdDVUJXXvhaXWgpEoPUwBsffzs+WKuw+6IaA/6nc1KQuUv8CmIr37C:/7mwO9dpo1edcxaRHU5mI77C

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cousidporke.icu/api

https://caliberc.today/api

https://pistolpra.bet/api

https://weaponwo.life/api

https://armamenti.world/api

https://xselfdefens.bet/api

https://targett.top/api

https://armoryarch.shop/api

https://blackeblast.run/api

Targets

- Target
  
  TradingView Premium Desktop.exe
- Size
  
  677.0MB
- MD5
  
  395b80b49dddeb9d2c978f6d8c79e262
- SHA1
  
  7325bcc615151f352b1deab06864299d438177a0
- SHA256
  
  83179e9421328bbd3922a109e5ff86f22543ed60bcb98b6a403d5f2706ee6ee2
- SHA512
  
  d360a0b9f6140a011f054a19c45f5464773548fef31eed10986b3e5cf2451483282c7202ba95940d18de48aaf35bb54e97cf957db58cdcfbd3f2723e7025dc3d
- SSDEEP
  
  24576:v3tpA/FF8NJiV+wSrG8Ec7EguyQ51YaaDrTVn4uUKD85tYcQQ7rua/:P04NkV+w2h7FQ7YDZutYsrua/
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2
- Target
  
  apt/SysWOW64/APHostClient.dll
- Size
  
  45KB
- MD5
  
  1c3b847a194fe9ee6b6fbfac4970f42d
- SHA1
  
  4e3798287c486b017dbeee96c221dde2d86f29b2
- SHA256
  
  c764bd0a4333af4fd2bea52bb8d033b064a4fbfd8c880ae777a1fafa0a5871c8
- SHA512
  
  3d412124ea16494934c8dfd2cac33986efd28e43f54c8227053d8cd35077f7d3dab7a506b5e7a639efdf046e6bb6df127995ca5e2dc939ecc85f6434a7a9da29
- SSDEEP
  
  768:oyHeStzFmX6wVnn0XqYwN8sPKH6eNzj70re2mLj25:oy+gFutniqYs7CbNzjorcLM
Score

3^/10

discovery
behavioral3
- Target
  
  apt/SysWOW64/AUDIOKSE.dll
- Size
  
  367KB
- MD5
  
  ad7526e2f853cc42699b60ace42e4e78
- SHA1
  
  80ae8cc6c37c48be3fe6a354562b9cfe271fcbb7
- SHA256
  
  3488ca7723c3cec199914bef0ad9f1bfb1eba670815d3cbcf9e328b1c5defe5c
- SHA512
  
  1980d25915ee42450ff29da43a149e28f77a2500e7b61ee3ec1770da9e551e78d3c974e5f78d3ec239ddfe8d9085464191f093f4c6445fd6344f359dd1a0c2f1
- SSDEEP
  
  6144:v84JS1OdQty/vV8y9Q8ffC2iCYcmSk/lEQspJrfQsQcL+eWB7BWrB:v8adQo/qcQCYTSkfs7rYd7Bw
Score

3^/10

discovery
behavioral4
- Target
  
  apt/SysWOW64/AarSvc.dll
- Size
  
  344KB
- MD5
  
  64cb36279f29577cddf5325fab394043
- SHA1
  
  a00fc0f57a05e9a1179bc3fb8a80cfec27eff011
- SHA256
  
  420213e7e572d6ac871a63cb9c4a72b403730cf6938ad2591858a3ea15bf0592
- SHA512
  
  665dd5f67b75eb69a0249c04838409985f3f18cbdd72cab48e385c5351acb65b1b8e335b264171609321e9b53f447bfbaa7138653d933f963a3a20a868645f0f
- SSDEEP
  
  6144:7kG0Kq8A0t9Gq5C6jJ51xL/U63Ugf+biO5xgt3mg1oRSHkJe:48JD5C6jJVL863UgW5xgD1B
Score

3^/10

discovery
behavioral5
- Target
  
  apt/SysWOW64/AboveLockAppHost.dll
- Size
  
  323KB
- MD5
  
  a626c382a127b6fbf8e4c6329dc955a3
- SHA1
  
  63abb74f551fdd9cb884e4d7fa218ec325b7f18e
- SHA256
  
  e3efb4614a25fb6506677766c6a34319c9bfcc61ac062aef0620fa44564682dd
- SHA512
  
  00e009831b4249d7da5889ed6657cc98fb9a66455287c3b7272884aa1ee7108a026384af95067f54bd52ab341ac1972a483b77a468d5d98857ea99fb88a14b4e
- SSDEEP
  
  6144:JKEQzthmZWVwRgsqEd3214PCzPd0SmPVjFKupeIhm8n0gAYJ:k7Zh8WCRHqEd219JYPNeIhm8n0g
Score

3^/10

discovery
behavioral6
- Target
  
  apt/SysWOW64/AcGenral.dll
- Size
  
  2.3MB
- MD5
  
  cf79ba9d2aa40aa14a642fbc0f6870a1
- SHA1
  
  411e2a318e5dd17d344876b1af8f9b33c732deb9
- SHA256
  
  d0163efb5caf6baa53ab8bd1ff3031f417636b9da68cec1676d294e4f7ac8faa
- SHA512
  
  cca6df4afddabb299266d1ab6db9742d9da07e3d7c5c1a953af68e2b892413bc3434da879c91939f70e31c428a199f3ddd34ae0696bd9994f922845273c1b850
- SSDEEP
  
  12288:bqLsexPBFRVyNGi/frOOPSWxIZwWkAhcNEhcNEhcNZhcNghcN6hcN6hcN3hcN+hV:bqLskPBFHyNzfSOPtx2wWk4INZ
Score

3^/10

discovery
behavioral7
- Target
  
  apt/SysWOW64/AcLayers.dll
- Size
  
  375KB
- MD5
  
  f6820b6b6be064da4491197ff765e8ba
- SHA1
  
  f6d31c9669f42acf794df7491fe8ff7e127dc720
- SHA256
  
  5e3fb129761d5969d772403644dd474b42842fc688ee5dad5696e83a2a115d15
- SHA512
  
  3172dad3072116ee5754079357d0385cdd980246a3998e4691db489d85702639f5480e7d72880ce370edcc97b7359eb3c5b5ec3a7798196290659c98a0354adc
- SSDEEP
  
  6144:V+4TsPmZMbi3FOzoABpZq4oVoB6dKAG3EA53RiARAA9N80sUYabLn3OWFWEef5Yf:Ah8+Zq4oeB6dpA6bUh3VFW3N1S
Score

3^/10

discovery
behavioral8
- Target
  
  apt/SysWOW64/AcSpecfc.dll
- Size
  
  451KB
- MD5
  
  e9ea1fd3fe480dceb9e35e95032aeef1
- SHA1
  
  9ada899144715427902a3d54bc5d870d932f6127
- SHA256
  
  c3706d4f86ac7157e76382c255c0aa84dbae391282113f48791a9ae3d0502c20
- SHA512
  
  7fdd91af46ee4983e21e5ac055a089d11b9309b323c60bea196378b1a76e56807d26759a78190c793050b7dd3b95de53c0778cc2d1a4530820415c3fd59d9aad
- SSDEEP
  
  6144:UmNgm0GiYRJCzk60h2rc3WPiLH92eFWHgg0uLUrEaJ+XBa0gTXqOxQdyKW+mu:2siwKcCiLd1WHggBAgaJrTHu
Score

3^/10

discovery
behavioral9
- Target
  
  apt/SysWOW64/AcWinRT.dll
- Size
  
  67KB
- MD5
  
  b1025afd25c0732944afaacb9e07321c
- SHA1
  
  17bdec62ecbeff175d44b77cc4d8202f7f7c58c3
- SHA256
  
  5d6e4c256b0d817e2a5e3d34865f01e5fe4346f215ac29590e9a6b089eb09309
- SHA512
  
  2300c2ff9d921fc9a5ffa3619112793db40b72f88f7fb5fba69f4ebfdd35eafe23e12fce9cd67bf42ddf24f2cb4910e19e3c53e075bb3868c332dfed829d044e
- SSDEEP
  
  1536:IZAKTIuT0c0FNlTPglkvq9qXqXqXq6Pfvqaq6z0pFMON7oz/mXuqR+6ciOK7oh/V:IJ+c9ddHexr8bwHSwYdq
Score

3^/10

discovery
behavioral10
- Target
  
  apt/SysWOW64/AcXtrnal.dll
- Size
  
  84KB
- MD5
  
  7a8363e16731be3c2c8e19d8cc09c55b
- SHA1
  
  c91428381a21769b8b0d43ad2ff51ecbf4484148
- SHA256
  
  74e806ec92105141400a92bd89b1dc17881df02a5014ebb421853a4ddeb90954
- SHA512
  
  d580d64287ff24d410b47865fb328a57c034890f4f8d3185e50cc9d41523b97f35f088b917c73c4752676242d7bd0be5066e4ea8cef5563fa9c4081aa428bc8b
- SSDEEP
  
  1536:kvR1FvU175th5AuXKoG1P7fTCUTj/y5BnJAGVrpXn6PO:U817R2JoEDTCUT+9JAGVrpXn6
Score

3^/10

discovery
behavioral11
- Target
  
  apt/SysWOW64/AccountsRt.dll
- Size
  
  334KB
- MD5
  
  9e4ed0a8d9104cab5e9bcc22214178a7
- SHA1
  
  6a73bcac48257288f20090b64ad672a69362028b
- SHA256
  
  6a58df2b2e33000cf78f53fa2be1d4ea579ad9269b1ea4a58b8437139e51b998
- SHA512
  
  64490c33907c08939380125a9fd1a47827904e17d0cabfd802068a33944972ac9955f5b26cc2e42ddbe4eb57ad1fc46384a33ce94ee475b893c5211876fe5b7c
- SSDEEP
  
  6144:K6FKnJCZ7thyO8w4txzq+ZM3beLQjuvsRMag/jLGn4MBn7ppUDeftorUY9B:x7thyO2G+ZM3beFvsK/jan4MB7pqelYD
Score

3^/10

discovery
behavioral12
- Target
  
  apt/SysWOW64/ActionCenter.dll
- Size
  
  249KB
- MD5
  
  f240305dd64ba0144e5d288c75878e08
- SHA1
  
  53378553cde8951658dc136badb6164162133229
- SHA256
  
  7a09722c8cb890d50fde632713bb0497a0e01a5aa9e974f50a688a0c029bbfa6
- SHA512
  
  65187b69ab6974b75a43535ba096e4ba0fe71b213ad4dabbc019166bdfa33e51000acc592cd537eebdbfbcb14fbd13e191b9c556f828215882a0e75a926b9736
- SSDEEP
  
  6144:TKkIMCly9MDA3Bb0LLpjQKgji+AuhbyEJqgB7PFsCPJI:FFClymE3BmQjcEJrPFZJI
Score

3^/10

discovery
behavioral13
- Target
  
  apt/SysWOW64/ActionCenterCPL.dll
- Size
  
  123KB
- MD5
  
  1d1d578902c7bafec26bccf5f7565f5d
- SHA1
  
  c1128dc352b3fb66ded132c970a9d4566493b0b8
- SHA256
  
  44e9ebc6f6ac8f5364ffd9b53140328c968b946ad1c9f8c93c7b5dd4af91b1d1
- SHA512
  
  06d26e5495112efe6b2a18d5551bf203539935adeaa17224b50ff8939f3349f541c70aa8e67cf20358052cb4b58ea05c58e2d1989cae6684405edee5476b6f68
- SSDEEP
  
  3072:1CXn7EEDTPXQ4EFKIghYLaNurGRxVv6boZoHWkSYjHUxa6uzbDTtBZ0cW2ZlYgkS:obMzbDxBZhW2ZlwZVopc
Score

3^/10

discovery
behavioral14
- Target
  
  apt/SysWOW64/ActionCenterCPL.dll.mun
- Size
  
  425KB
- MD5
  
  6141d2c8e6d9f388045e875ebb8f5ebc
- SHA1
  
  db3e2ab252d276860ae3e4938bd38c00b370e155
- SHA256
  
  480c05864e8cc7d404b6661bc3771c8539bd29a6e6c5d12ae02248d1dedfee4b
- SHA512
  
  419db8847a0dfa7ece9f4aa0cf44f6a12989d117ffb1aa70f50b218a4c41a859eec279b0d873dd8b19d03fbcd0238dbdbf91e3586cceae58749ebce8144c9baf
- SSDEEP
  
  6144:U8TDk9F1vtANCX2G8M1JOlTP17Ntg1NlZTGG+aPx7aCTVJd9Me4s/X5iuhYmWIw:Nq2GPJEP1ptg1/zJHMed87o
Score

1^/10
behavioral15
- Target
  
  apt/SysWOW64/ActivationClient.dll
- Size
  
  42KB
- MD5
  
  cbad3afa6b915122334a2727f8055e44
- SHA1
  
  4092b1ab7e1eccf1039d808949dd2581a1ada1de
- SHA256
  
  f1c10d61f12de08eeb84ab349ef17c002213c658fd3d336ed72676efb201a09e
- SHA512
  
  7c5bbd053a5d9486688a73553befd2e309a668fc5adfd4faea13dce400dff74730a7c4e71ea5686a5a3a83faf4af2e03c08b7b7310b0480c10c61f79c01d5eb8
- SSDEEP
  
  768:SpF7BWUgYxDDfLlVL5WzuBvJ3fT3/Y1wGte0:yF7EUNblVVWSJ3D/YmGte
Score

3^/10

discovery
behavioral16
- Target
  
  apt/SysWOW64/ActivationManager.dll
- Size
  
  641KB
- MD5
  
  c5596e29b36adfd2c92931c2c4904fd0
- SHA1
  
  24602de0425fc24c8600f58ef809f47304f39da2
- SHA256
  
  215d9a8aa07bffd46252e5943feee5501e65e7a7f7ff67f35a4998cf6cc0b427
- SHA512
  
  160e76373594c7f862d260cfaa272d33347f92cd354d1f46cf66d68c5398a799e53510d38eddd345f95e45904b8731d34f0c3a27e364aeb266c808d6853dac95
- SSDEEP
  
  12288:auhZqoUHx0KdrPovD8uPkrXBGJgHQcuxvwd:dhZRcdRg78uPkrduid
Score

3^/10

discovery
behavioral17
- Target
  
  apt/SysWOW64/ActiveSyncProvider.dll
- Size
  
  1.4MB
- MD5
  
  29e2147cbaaed6b494537e917c983301
- SHA1
  
  7ecd2ef9d723fcafcccab1e9b6299a30b526e853
- SHA256
  
  8b955b21d7970f992eb31cac7a464e07aed306752b3728f089f291363d2dd2c4
- SHA512
  
  9f86a8159a5db9dc65cd3838b5023c1ce3071fa767a1f9fc9af11ef25e639f499e8409f01a1ca2bbc990799ae58ce532c760b95b621974190a608140745e39b7
- SSDEEP
  
  24576:st/XwhBgNB6aCTq6jbEAoY2kGHW5iUTYQ7xHkCQ6wPMGGPDNkX9BI7/X7Yxj+:stP8BgNBcwxkGHWYUT2CQ6tLXH
Score

3^/10

discovery
behavioral18
- Target
  
  apt/SysWOW64/AdaptiveCards.dll
- Size
  
  41KB
- MD5
  
  43c11ee7a1d9f62c429972c07dd33229
- SHA1
  
  c091b972937d18f9a52c4fd33188e4f3e401ccb7
- SHA256
  
  f8e015de2e77647dcaa2d0e1b9b1ac284e9d987385b9947591813b4bd6796e32
- SHA512
  
  cb9a76ae4ffe1c297bb81537efb14b2686f2a7c37dcce874d107d22b37bf28b34d4f0b2e29fd2fdb992dfb15dc583dce7c140bb8a4d20f0331bc93b26f6401c8
- SSDEEP
  
  768:svEUgi5QYojjPIKg7yrGEw4zk/NF1IzZLrop4NVXldt1vZstPGck6jv:s8UgiW7jPIKeyrARNF+lu0JDvZsBGcks
Score

3^/10

discovery
behavioral19
- Target
  
  apt/SysWOW64/AddressParser.dll
- Size
  
  52KB
- MD5
  
  09a620a0d09694d03bc8fd5d8b8aa819
- SHA1
  
  a7db367da4c455f7b4e42e9055ce1ca58923bd85
- SHA256
  
  381a701b27ba655a6833a02803a36aa6607904f6fb3c0b5530bacdf92f00da78
- SHA512
  
  68f17d726ad6811fcd4487340dbe13d7d97d515fed967dbefaa6b52ffe26b13f55f682939d1425624f83068e1b75c05fc10a601a81f01805c97fc9feffcb33c1
- SSDEEP
  
  768:WljQbhFMQUmxHqE3F0J0Q0K/SzFCe+VyDQc2gxpj+FrH53rNWiXI2Itp/zn:WV+fggKCFCe+Vdo2H7NWiY2It
Score

3^/10

discovery
behavioral20
- Target
  
  apt/SysWOW64/AdmTmpl.dll
- Size
  
  418KB
- MD5
  
  f8cc20e2203a20d958234b5aea3a5cfa
- SHA1
  
  d995a9557c43ded63901b33e63090d8189ee5389
- SHA256
  
  453740b44714346d0a9e738001fff8eab77d1d36de3e47177f7765939bd626fb
- SHA512
  
  3ee6142c60f3e890be7c4d34cd7fb3d4b8f1aeb35d9c9dbe5d58af4774691862332adec72b5c91baf62caae7745d960e6e0eb10872bee0f4011128e4980f11e9
- SSDEEP
  
  6144:IADBRhB9QYCEMPyp34pOS1j37mX0TbtokY5bGJL+YGk55sbRMC25hMekl2Uc21Z/:bQpPyWp71jSEntEtYp5eX2Mecr
Score

3^/10

discovery
behavioral21
- Target
  
  apt/SysWOW64/AnalogCommonProxyStub.dll
- Size
  
  17KB
- MD5
  
  e3a26f1f0636112c6e3d0fdf9a4653da
- SHA1
  
  7208f85e2a6035fe856ca3d7895b2d5c807dec52
- SHA256
  
  12a6f561e4475067c408b6b5bac1652b71a6e2b428ac9aa911abf15907797665
- SHA512
  
  0ef092dc30ed7e2e0630f1f57f4a4d61846426de39e41f428ea4887cc23bac97e6addedd15e93c9f752217a9684620d9187043d362ed4056f5a47658a09b6ced
- SSDEEP
  
  192:d0zEAGv6jIvC4K1wnd+IKv11tqPOEvZfrxW6aW0Hot:daE/6wA1wnd+IK11tqPrZfrxW6aW02
Score

3^/10

discovery
behavioral22
- Target
  
  apt/SysWOW64/ApiSetHost.AppExecutionAlias.dll
- Size
  
  82KB
- MD5
  
  6ecd9dd6309d09a75855a3c7c8245d4c
- SHA1
  
  cf59e67becb0bb440c59ff17451971d404b30599
- SHA256
  
  52ba5ee87fed5513eb3d0a20b3b4d6255d226e519c7683f1ba2a80143ad3c6dc
- SHA512
  
  859f7b012f39a914e64f955b0b0590ac26a431ec5d98ac2a802f626393f8107c48ef0718a88dfe3be1ee625b17574423548ed56ec2c120f96aaea6141833d579
- SSDEEP
  
  1536:tkFQifLSIhCKlISx3Wy3JrtKp2zLyNGMzl0oPacX0VL7d:MPfLSIhhlzWxpOC0Wa60B
Score

3^/10

discovery
behavioral23
- Target
  
  apt/SysWOW64/AppContracts.dll
- Size
  
  753KB
- MD5
  
  18b285d22631c1c2a3d31a22e0077bb5
- SHA1
  
  7361e3f1edcec6192dde3eb048eb017a265a8569
- SHA256
  
  399f410e348cc83f7b99f8e1fb2682dd07dab9a6636042ceef7d674b9cea7490
- SHA512
  
  5753d8216a63c2ba12c5c6b3ef982dbe7cb5a89c540ae3c3d69b348ab2829d10fe54d830c43e37e7b08569248078cda3442c87d37f804592307739613605e290
- SSDEEP
  
  12288:OuptsRTC3FT9Zh1NX+UQbsuXvL+qDlQhH6Hy66:OuptsRTC3FT9z1NX+Uk1vLrGH6HF6
Score

3^/10

discovery
behavioral24
- Target
  
  apt/SysWOW64/AppExtension.dll
- Size
  
  132KB
- MD5
  
  68f82f01a8ed91beabdb1fe69edfb767
- SHA1
  
  626176ee421510e89f41c8fe02c0879023fe5f6f
- SHA256
  
  0c0dfb26f33783581de35ec530c3d064fe84bf14666c1b60113c2d058edbde3a
- SHA512
  
  accf9d300f88abc1571bcd6bf4e9c5cace987bd9200bc6505c9dbb8b1ee36cb32b8a827ecd477170e7f9cf1337a55524f9d5d512ebaeb67a021fd5a5802a22e6
- SSDEEP
  
  3072:yY+H2ZT7jC2/usUgc9CR5S/pkjBB+a5NwBpB3BCoAB5BrQ1eEHaKDYCrYkP:yYTdHx6CR5S/KjBBj5NwBpB3BUB5B81V
Score

3^/10

discovery
behavioral25
- Target
  
  apt/SysWOW64/AppIdPolicyEngineApi.dll
- Size
  
  279KB
- MD5
  
  9f6ee25e32423b3db3948dc23051804e
- SHA1
  
  eff0dd774cdb41cc49e70b2a5058743a2cf0f355
- SHA256
  
  1d29d9927ed75ef12db2b42e42bef80916d6c7f64f615d99824fe313092e459e
- SHA512
  
  cf95df9a04dde3cd4b7dd7f8dbc123e64f802a5d55a95750979afb53ee0bfc0b1ebe736f1905e4a572e38c11e4a269242e1dadcc6616ddc7b2d6dcd07a1ee83e
- SSDEEP
  
  6144:MvlZCFVK21Gxw0+IaJsLHOuuI5mJ+3wRyJ3fFsAe67PTllGtwwZxJbZGSuS9UQkb:MzCt1Gxw0+hsLuuuIYJ+3wIJ3fFsA17b
Score

3^/10

discovery
behavioral26
- Target
  
  apt/SysWOW64/AppInstallerPrompt.Desktop.dll
- Size
  
  37KB
- MD5
  
  b5de2cfe7ce6f8207b221d300a57fd2d
- SHA1
  
  bd64b6b036ae580b110e80cc51a6c523f1eb206e
- SHA256
  
  71983e9cbd73f6e0f60cb94bb392def0d91aa494bf42987cf8145b4c4dbe76af
- SHA512
  
  74b73e117b65b13dab48792cda21df8562601882b0b3e388b0085163159a22cd2cb1a863f45f1335a245e22a63210e1b9060ed76f941ed3296a92b5f5a7c8360
- SSDEEP
  
  768:xusyZWTaBkv2xHldPRu5ZY0CWepDqfxXYUou1cet3nE:xusykTaBfxnPRuKW/f+Uou1c43E
Score

3^/10

discovery
behavioral27
- Target
  
  apt/SysWOW64/AppLockerCSP.dll
- Size
  
  266KB
- MD5
  
  5bd99281a8da6a8834d55de1755de6aa
- SHA1
  
  78a60ac9b73ea04dcd0bb475ca96b988825c0a05
- SHA256
  
  c90d3cfa11d57b7094566b58d92e3b1c85de47066bd40ae06efb99035815ba0b
- SHA512
  
  a8483bcae4ebb7acde52ddabafde42dc350c4b90056f3466f7d83d56b8c2ed805750ec4541dab46da2227b497336d55abf0214d4cc411ad8268aff56190c3534
- SSDEEP
  
  6144:JMzB7eTdEWha7dcvYvj4bqbcMyMEXzHj3rGDv+:JMzR8dEWhAr7bcMyMAzHjbUv+
Score

3^/10

discovery
behavioral28
- Target
  
  apt/SysWOW64/AppManagementConfiguration.dll
- Size
  
  122KB
- MD5
  
  f80299e4d8400f98d7182b085f06e394
- SHA1
  
  a0e3838094bbf19e133ffd6bf70052295dcd4944
- SHA256
  
  426b5722e49729ec0c142fb51c2065154da751e41bc67fc4517a7f654a36a680
- SHA512
  
  83971313d5b3325ad925a0aee7cbefbb1a85d197d1370ff0029b0bb001d07836254a76e6361c5ee006ec4d02c04820d08994414f181dfbd2721f3e2388792046
- SSDEEP
  
  3072:Htz++snITbnIIeenx4EI6ws/IyBvk4IND37PHVdePsnftLXA+EJPR0iiKndzRlZe:Y+UlpCsKnxDZiYq
Score

3^/10

discovery
behavioral29
- Target
  
  apt/SysWOW64/AppResolver.dll
- Size
  
  459KB
- MD5
  
  f607a41680385767114921e23c8e3d98
- SHA1
  
  6171c6a57f51e1c47465f3314a21d36882fad677
- SHA256
  
  bc0ca83aca3b63b63c1be8e7e0072289bf8c448dca1f76f3fbdb6a3c750ca9ea
- SHA512
  
  e2df6d75c1efcecb3bca4abcce01f56fbeec4de6fad51ff2f048921fee127f9a36b75fe43fe68e4346cd831eaea730275d19e74e62c35e236b2aa7c47289d05b
- SSDEEP
  
  6144:AhLZsijK5FgSQr0+q3n84ag7Hy/HbBrdiKCFUpZnVRQBi9iNfW31tiwM5CCLgyw/:4x9FXq38Pg7H+p7eYQHn4o0
Score

3^/10

discovery
behavioral30
- Target
  
  apt/SysWOW64/AppVClientPS.dll
- Size
  
  27KB
- MD5
  
  31d009249d3db92698663c560dd64035
- SHA1
  
  32094f212d902fac6af6c06e416033b8a77bdc24
- SHA256
  
  90718ccbf569c208a0f22ad7ee0cb2c39cc895d8fdcfede557736ef8c0484c6a
- SHA512
  
  242b8ac42dbc473162c0c7aed904032f8d67c2f712850edd1a95adb06f8d4f592ba9fb5ce3f541bd160cb0a5402ca45c4a8a5fa2f6934b5c684ba0a7863d6df1
- SSDEEP
  
  384:E//nHVMxbx7RH/JHjCtrGTWBO4UWIq0DBRJiR9z2dq3z:6Mxb7/0ts4301PO9zZD
Score

3^/10

discovery
behavioral31
- Target
  
  apt/SysWOW64/AppVEntSubsystems32.dll
- Size
  
  1.4MB
- MD5
  
  29b2087eed6bb3e4e97b667beb74de98
- SHA1
  
  a5b5f88bde9e66d4f9510d29e04c17ef91068be9
- SHA256
  
  e8fde1c00d932a5d92f1516fe91b78cf5afc424616134069a11b479408a54790
- SHA512
  
  d6964a4894e9807db75540bd8e9171889bc9437ef2c1242800c4584b9d9ce59a9dd8a59eea4294713b98421dadb6edc9fa3c429f99203611b0f5391c686bf34b
- SSDEEP
  
  24576:GTNj4mz6sHHEv9e/cati5jZKMh9I2Jsh/+JtLIb5RXET0Ot6XUlBiHoBtmh61u:oj4vcEFe/ah9IXh/oIb5CT0TXUlBiHoi
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of local email clients

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32

We care about your privacy.