Resubmissions

01/07/2025, 06:37

250701-hdmc1sdm3x 10

01/07/2025, 05:20

250701-f1tdqs1tew 10

General

  • Target

    Setup.exe

  • Size

    1.1MB

  • Sample

    250701-f1tdqs1tew

  • MD5

    5e80f3a191aae0fb63a1a0c6d8d781bb

  • SHA1

    2083c8270cc0270cc2d2de1858fc38f5e9d09f9e

  • SHA256

    240bce5a0d11df228597503ac7070f5f54cb40b71a8d1ed7f3de3d97dafacd47

  • SHA512

    7e2601c6fc8e0642a2e405d39988d980c8a83c0d31b352e4b48525d73b67cf0582b4a77a80cc046717cf32a8d5f7b0a7ae2ec304dade1f6c769573ae3b08c0d8

  • SSDEEP

    24576:O0adjo4mkZ7hDsijX4nq9wrQ9c5qAoKtzi2T9pgLbHcjXDFyMZI0Q2Myk81:OXU4p7hLjonq9RcVVBjpqbHczDS2n

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Attributes
  • build_id

    f020fca5b284e3026ebd4807041a821b354185

Targets

    • Target

      Setup.exe

    • Size

      1.1MB

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Enumerates processes with tasklist

    • Target

      $TEMP/Anytime.dot

    • Size

      54KB

    Score
    1/10
    • Target

      $TEMP/Attitude.dot

    • Size

      63KB

    Score
    1/10
    • Target

      $TEMP/Color.dot

    • Size

      61KB

    Score
    1/10
    • Target

      $TEMP/Consequences.dot

    • Size

      87KB

    Score
    1/10
    • Target

      $TEMP/Entitled.dot

    • Size

      8KB

    Score
    1/10
    • Target

      $TEMP/Pleased.dot

    • Size

      68KB

    Score
    1/10
    • Target

      $TEMP/Richardson.dot

    • Size

      86KB

    Score
    1/10
    • Target

      $TEMP/Submitting.dot

    • Size

      53KB

    Score
    1/10
    • Target

      $TEMP/Turning.dot

    • Size

      70KB

    Score
    1/10
