lumma | 4a064668ef3383a56a03c4609ebdbd5b50b4408dedd5cf4f210554feab61e9f6

Sharing

Copy URL

Twitter E-mail

General

Target

files.rar
Size

17.4MB
Sample

240625-cynhxswdke
MD5

5d127fa7309ad872aebb6b317bbb63d4
SHA1

a641aef36d1a24d5a8e3c89054afa408ebb693cf
SHA256

4a064668ef3383a56a03c4609ebdbd5b50b4408dedd5cf4f210554feab61e9f6
SHA512

826676d4ef595885fb97c195c8609c1062303d28b0b46f0ae9bfa383caf096c711f3e222207196af51aa9b61192489e6b17d9931023040b4e6fe445e80c955d8
SSDEEP

393216:NPZdFcQj2oCSRiCkgYP/J0DX3G1bKkkm/36IBFIVGli2cz4IOEB:NPZnZC/CjK0DX21BSnGM3P

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://leafcalfconflcitw.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Targets

- Target
  
  files.rar
- Size
  
  17.4MB
- MD5
  
  5d127fa7309ad872aebb6b317bbb63d4
- SHA1
  
  a641aef36d1a24d5a8e3c89054afa408ebb693cf
- SHA256
  
  4a064668ef3383a56a03c4609ebdbd5b50b4408dedd5cf4f210554feab61e9f6
- SHA512
  
  826676d4ef595885fb97c195c8609c1062303d28b0b46f0ae9bfa383caf096c711f3e222207196af51aa9b61192489e6b17d9931023040b4e6fe445e80c955d8
- SSDEEP
  
  393216:NPZdFcQj2oCSRiCkgYP/J0DX3G1bKkkm/36IBFIVGli2cz4IOEB:NPZnZC/CjK0DX21BSnGM3P
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  lnslIaIER-SellUPv4.2-gratisHUB.rar
- Size
  
  114.8MB
- MD5
  
  e2cc2be79e7e2730e8ffaeacbe388d1e
- SHA1
  
  438d8ad3ff73429bfe78816676ae3b7c4146bbb1
- SHA256
  
  1a9ee6240ce266d8c0147d27b20ae85be286d7753559ae0a6ae6aa073dab6a4a
- SHA512
  
  58a4099706b5080aed857ef86a3c78388099e51ff4af869bbd7d1d27e48c1e63ecc5ebf1ba795d42c2759d5d80308f49d4d9082cadfd7ddd43d060bbacca9157
- SSDEEP
  
  1572864:XO7ncbX7c1FB2B0cAESPc1PKcZVCcVDFcjxEcgf/cQb+uj/Rck87cHo5ihMAByn:ecncHcgcQc6cLckckcXcyRn
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  lnslIaIER-SellUPv4.2-gratisHUB/Setup.exe
- Size
  
  24.9MB
- MD5
  
  4365c9b87939fa394977adb5afbd8393
- SHA1
  
  59261556cb75a83f97f76e74a3844a53a3429557
- SHA256
  
  9bd2435ba80abf9ef85e8499742cb7f4987e5f9daac23525cd6e853450920537
- SHA512
  
  e202f748af96adcd270d4fb2086fae007fd5aaedf6971154907cd3e27cf0a2fc2f6ed88517fee9983196b79b3f242a42db202654c98677106c1b5b4876327a0e
- SSDEEP
  
  98304:bVVzLEUwf2wm0CRLqiezTADEM1kMbSMSwUpU:MX2wm0GLqiezTbM/U
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral5 behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6