lumma | aa3096afab2baec1de03c610cd3133bab3abeeb6d1cd11530088f8dfe77c5fc1

Sharing

Copy URL

Twitter E-mail

General

Target

!!fUlLSetup_22334_P@ssKeys!!.rar
Size

13.9MB
Sample

240624-y449hs1ena
MD5

56c02bd4cc9ffb61b0d914bb87e6a673
SHA1

4a2253888eb02d7c80c522ce5e55da94fbc08fed
SHA256

aa3096afab2baec1de03c610cd3133bab3abeeb6d1cd11530088f8dfe77c5fc1
SHA512

e4beabf904d93f447d9f2ed532ace40b58e75b3aed064cf53a2e1b23c4397be4fbb1190bff500b23f8280577f52006dd69a3c67425ca435b15d53670b7f1a8be
SSDEEP

196608:NDaOsq6ce59YvrWR1HbNt27krlA36CBIh0q6rb0B/qk0PUIw9G4bHXhnqHdV3Y3q:jsqy592E7kk2MhF6rbfPnefb30HbYIZD

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://leafcalfconflcitw.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

Targets

- Target
  
  Language/WinRar.exe
- Size
  
  3.2MB
- MD5
  
  b66dec691784f00061bc43e62030c343
- SHA1
  
  779d947d41efafc2995878e56e213411de8fb4cf
- SHA256
  
  26b40c79356453c60498772423f99384a3d24dd2d0662d215506768cb9c58370
- SHA512
  
  6a89bd581baf372f07e76a3378e6f6eb29cac2e4981a7f0affb4101153407cadfce9f1b6b28d5a003f7d4039577029b2ec6ebcfd58e55288e056614fb03f8ba3
- SSDEEP
  
  98304:lJXOBfK92HbAw0CNB3kJElzNsy8vGUvfCo3ABH43:lJ192HbAXCvDlzNsy8vGUyo3AB8
Score

1^/10
behavioral1 behavioral2
- Target
  
  MediaInfo_i386.dll
- Size
  
  6.2MB
- MD5
  
  92ca7e5d272e75a260ac9c326184e561
- SHA1
  
  9640262e59714e6909edfab5b0f59fb6fc374e4d
- SHA256
  
  bb2451d45677197c42655b51fafb95d7be0c2fc3998e4de8bd3a7ee2146de52b
- SHA512
  
  eedbb4f66c04c03d2fcc0e8af8648a1986ea77468a5778d6bca6839d9633ea044cba00535c742478684803f8fc6a72366f654be5ac5b45a35798060d84141235
- SSDEEP
  
  98304:8DnZ93i5eqrKnv31BWxlSkMPDgc/YYYHDPQ4SqDX:87Z9ieqmtJB/mZD
Score

1^/10
behavioral3 behavioral4
- Target
  
  Setup.exe
- Size
  
  5.5MB
- MD5
  
  ae697c5f8ef74fbe8daf09358afd9324
- SHA1
  
  8e18a9ee76df13daa5cfaf079872c77a25f15338
- SHA256
  
  4fc64e114f80ce755040ac2891bd1fab0492a831177491f3fe1382adf94030f9
- SHA512
  
  6f2bdd0c9d746218ab8c215e7d9fe1acaaf39763077eaf1a03754acb4d8ccfd518b052d98675ebf0233bbd3aa87ceffe1ffcdc14219b0a6f308d84a978a5f23a
- SSDEEP
  
  49152:mUWKwBCwZwchtBQmK2OMaKoEL+4V1njSYu65d8OtZUyZZlACMtUJoiIUCNPoBkYe:41BCwZwc5QfKRL+wfdhBWCdxA
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral5 behavioral6
- Target
  
  en-US/AutoWorkplaceN.dll.mui
- Size
  
  2KB
- MD5
  
  a311c98e7cb3bc2c6f4ad9ca65e95810
- SHA1
  
  481168e5c9437731ab632fcacb9c88471c008d6b
- SHA256
  
  799cf32fc0515a4bcc0388d0d39618d9c67ee67a1c2000d7344c5a8120004e2e
- SHA512
  
  8eefd67ab748725145db643dab47f608b66582c194e42ed412bfe31f26c36b2bd2c4e157fa1bfaa582c697de267c242e5e809be109c7ab3f61f19bd6812e416a
Score

1^/10
behavioral7 behavioral8
- Target
  
  en-US/Paring_[1MB]_[1].exe
- Size
  
  1.9MB
- MD5
  
  4601692d9ec47eb3ed8b843de5a36ccc
- SHA1
  
  005b44a84219035e85ba98109ccc16a59fb85946
- SHA256
  
  d377d81e1a6e4afebeda31326179d157f3a463129f2cb639597d7c31b1610ce1
- SHA512
  
  b98f290274f5bb98e8c18c9ae0105559d0a98fccca27afbee577c7cdcae12a4600fc2ab0134c98e3c1fd1a2bd03bbe94f606fd38089c77140e05e8b7b955575c
- SSDEEP
  
  49152:1KgeR7rW0PiFtA20ilRO+2r9FWjjyakqN5n:AX/W0PiFO20ilU+2OvjkqN5n
Score

1^/10
behavioral10 behavioral9
- Target
  
  en-US/avicap32.dll.mui
- Size
  
  8KB
- MD5
  
  a5696b2d379fb322c7ee1e18c01ca920
- SHA1
  
  0063d4f4814d4565334b5937fd83b56287ab413a
- SHA256
  
  cb852e13a323c8e226b9bccc7786df3c55e4be16d9d63f4911ea0565ac879a9c
- SHA512
  
  01e93385f90fd0a25d8c7da31704cf8d04596113fbc9c19199506bbb5ba978f974c65a636ea663fec0c32408a931499814f806091ef7b3d9ca59c26fa01cdabd
- SSDEEP
  
  96:9XIEThBLwopUCfwpyIR3M7Pel5LdDzdlSjrviqEtp9JhZ47/5PYBtTdbhFYIDiqf:KKxy3M7P5vRULZ4S5HTbnWnUrTWQ
Score

1^/10
behavioral11 behavioral12
- Target
  
  vcruntime140.dll
- Size
  
  94KB
- MD5
  
  11d9ac94e8cb17bd23dea89f8e757f18
- SHA1
  
  d4fb80a512486821ad320c4fd67abcae63005158
- SHA256
  
  e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
- SHA512
  
  aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
- SSDEEP
  
  1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14