lumma | 6521f39048001ad5c0ddde721b3e1ccd886ac1d803ddecd8e97ae2b3d3d64ea7

General

Target

Setup.zip
Size

115.0MB
Sample

250330-vxk1hsszgz
MD5

4ec140d18a49e8b7bfa09230b19f00f0
SHA1

edadbdd9b48ab30534e9019b70781621e2a09385
SHA256

6521f39048001ad5c0ddde721b3e1ccd886ac1d803ddecd8e97ae2b3d3d64ea7
SHA512

35ac0a9e930f6213ee3802fdb8df92288edbdcf0947e5c9228996a584a56fd927a1e314d4ca12e6f264597b5b77b2a1ad72558de577bee8b08b898f8a5f0535b
SSDEEP

3145728:NwTZpUjMR8CzKJBWxgEgr9dV+bUw0DQJp0cSihYo:NMEm89IgN9qbUwvJp0L6Yo

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://castlaby.live/naogd

https://metalsyo.digital/opsa

https://ironloxp.live/aksdd

https://navstarx.shop/FoaJSi

https://-starcloc.bet/GOksAo

https://ladvennture.top/GKsiio

https://targett.top/dsANGt

https://nspacedbv.world/EKdlsk

https://4galxnetb.today/GsuIAo

https://rodformi.run/aUosoz

https://starcloc.bet/GOksAo

https://advennture.top/GKsiio

https://ttargett.top/dsANGt

https://spacedbv.world/EKdlsk

https://galxnetb.today/GsuIAo

Targets

- Target
  
  Extreme Injector.exe
- Size
  
  102.1MB
- MD5
  
  272f2d74795ab3d03804c71f00344613
- SHA1
  
  045bda7b78be00270f0546e78ffa60c7cbdecdea
- SHA256
  
  4b84e27463c1ceba86667b6f835a54ce16fa722cd4dcf151a15ee0b89fc3bacf
- SHA512
  
  ba0d183aeb27e584d1b22f6af86d89160a438e634f72f4adf8e2a138ba646567b521d14f587d7f0d3892247bd06f66a2d221163d8cf9f361838c191d1a1146a4
- SSDEEP
  
  24576:4NI2LXlFLf2uee/0kd+mELBX11GyDXcOSbXsRkj/o7elGcQzWAlQ:6nFFytuFsW/1AcQSAG
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  Qt5Gui.dll
- Size
  
  4.8MB
- MD5
  
  d9b78f4b2f8f393c8854c7cc95eae5d8
- SHA1
  
  8d648e7bda5b6bf7b02041189b9823fe8d4689e5
- SHA256
  
  55faebb8f5e28cde50f561bbd2638db7edcfd26e7ee7b975e0049b113145ae38
- SHA512
  
  6e76b524a56cc9bb5ae4beeedd41a48c35cf03c730752da3cae49862cb7bc3c17283099c39787f5933c1771eca7c2e651d92b961de7f43813f026eb295c90c81
- SSDEEP
  
  49152:PcLeg66Ry8jdAYbppzo7Tzj1/JrRbkwW6Ydzzr3YCWizxCqDRkU9i4g1/JAyn:kLrBpr1o7bRyfdzzxz0NTA4
Score

3^/10

discovery
behavioral2
- Target
  
  Qt5Network.dll
- Size
  
  840KB
- MD5
  
  0fdda3a8c8be28993b156b24b300ccdf
- SHA1
  
  57fe6cfd0b28708d23ae560675d4c462127722c8
- SHA256
  
  335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1
- SHA512
  
  4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453
- SSDEEP
  
  12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2
Score

3^/10

discovery
behavioral3
- Target
  
  Qt5Svg.dll
- Size
  
  253KB
- MD5
  
  06cc5d18a496520e05bcfee1e3169535
- SHA1
  
  98ba5d0ed52499a845038c3b4bcba356b9339f11
- SHA256
  
  ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360
- SHA512
  
  154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe
- SSDEEP
  
  6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU
Score

3^/10

discovery
behavioral4
- Target
  
  Qt5Widgets.dll
- Size
  
  4.3MB
- MD5
  
  f697ffc85fb86d72654c4f5ba4e1bdc2
- SHA1
  
  670657f598d408ab232dec75be6fc7983bc5ce4b
- SHA256
  
  400fa69aa8803f6c3a6f9a5fc956475d0396095c4b6d4665b7aa29bbcb8e3640
- SHA512
  
  47513892c22a193c51ecf09c8f3e4c4271a92be33b7b7d535290ea75a1498c5531881a26a85dbf758361e6892abf12a796f1c5c284a34f1d173d61d2012325b7
- SSDEEP
  
  49152:Zhk8cs4FhK1FKBxR8Lcdm0OTqZ7uA/GrXHIaTU+cDZ0V37SUJ:7k8ymoBxKAdmL8yONaQi32UJ
Score

3^/10

discovery
behavioral5
- Target
  
  Setup.exe
- Size
  
  2.1MB
- MD5
  
  b2a3644eac09f50b16aa4d3fcf207954
- SHA1
  
  f8297b820360c12f91464c8ddd44fd18bc83b45f
- SHA256
  
  8f5b8f495c30b9c036219413370daf76fdfd73e065f329d05a5c5bfea4bf47ca
- SHA512
  
  e4f24b36a5a77c005e3e8a3ee686462afe8016004c06b5ae1cdb9c4b305dfccf2450691e60649abb704e6bc815c5478e72a84fbc7e1dbff06a137cdb4ef54e7e
- SSDEEP
  
  24576:ENI2LXlFLf2uee/0kd+mELBX11GyDXcOSbHYROlWJrsUrEMFksh9W8:unFFytuaRFIUEMe+J
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral6
- Target
  
  msvcp140.dll
- Size
  
  731KB
- MD5
  
  45ad5195977a46b165bb96887ac206de
- SHA1
  
  ade19c68fc90514a987760f3a0fe881bc2dc3bc4
- SHA256
  
  60bffec055dcee0eed7c3d2820fb501f81e022a2911f7b01f5ad71bd130f2c12
- SHA512
  
  643bb1a63211dcd8ec62f15740934039b7dead7e823688f50598657fa870f74c3e25c245b50108dc1fda0f0887105f398f8d62a56f6aa3f652368f48abc6e6f6
- SSDEEP
  
  12288:OCF7Zcy+NjkHtlzigWBqf/qq3R5W8ZB4zmRzbaTsViRUF9TZ:F7iy+1k99f93PW8ZBS+zbm7sr
Score

1^/10
behavioral7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7