lumma | 0ff0d7f6a67bb2daa879f111d4649231cb3bd89090085a06c9039aabc5fecb2a

Sharing

Copy URL

Twitter E-mail

General

Target

Cheat.zip
Size

53.8MB
Sample

240701-k15tzswekk
MD5

7d4ecd399abe089890635c68f8a38bf1
SHA1

68568d6c5464d04b11f699b6929f4ccd53bdf9b5
SHA256

0ff0d7f6a67bb2daa879f111d4649231cb3bd89090085a06c9039aabc5fecb2a
SHA512

3fd0067a8f70d1eed106818df5a44766743f45ff6e4be19a8d9e2a9c22900738296e6e0a8d0946bc2b31e00523fe46db33b9f923bc6eb4933811abd712f1342f
SSDEEP

1572864:56uRuV2tLW/f/pbJiHD9OUqifixVCEGxAnxIq1QeXJah:5FuuW/fx1iH5xfixVCCnxIsXU

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://citizencenturygoodwk.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

- Target
  
  CLibrary.dll
- Size
  
  6.5MB
- MD5
  
  9a319ba89b9427cd2251fe2b5b2f8268
- SHA1
  
  ca95629d35f35d703acde97a9219955d24fb9dc2
- SHA256
  
  50b11d03d16c1d71072647d3a41dd4370ee356306984f467c274260f5ef13958
- SHA512
  
  af7affbedd59dad1509d820b602777d4e56fa5636112f976f843e83e98c52c8c8f7b37d6c7622483ba7113cb4de92754e72102aff25a5852e0596f171039b37c
- SSDEEP
  
  98304:v9wyQ37ksSqslMh/xM/uZzVrwQYpKPJDeg3lPq6hTa1DMn:Vh+XKC/xFhVrwQrPJ9iY
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2
- Target
  
  CheatInjector.exe
- Size
  
  12.0MB
- MD5
  
  ffd54dd853ba501a846bcb20b8fb8a92
- SHA1
  
  167e0a2d7fcb110df4d5561cfb0aa86e67784f4e
- SHA256
  
  bc668cbc597c7b00abca9b6ead346889cee9c8de235534bff296417a077df999
- SHA512
  
  eedb05f9e7a260004a53b6196401e878c8f2d2f1c47e280dc5bbca245771417fae7ffea1201ccdf1ab56a6998e0acdf2ee7e39538ea91e056f91811e2e253f6f
- SSDEEP
  
  98304:qTTm3vPx378D4xKKpmULiOSnP7REM+aweRMEz:5Pp8D40/UuO0P7yM+M
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral3 behavioral4
- Target
  
  bearer/libn.dll
- Size
  
  18KB
- MD5
  
  379358b4cd4b60137c0807f327531987
- SHA1
  
  b0a5f6e3dcd0dbc94726f16ed55d2461d1737b59
- SHA256
  
  0ff1d03926f5d9c01d02fae5c5e1f018a87d7f90a1826de47277530bfc7776f8
- SHA512
  
  097c08135d654596a19ada814ad360a8c2374d989cbd7094c6acb092e9854abf1f1d878d3da72b66c4c75806586bee7fe04d555a1d82db170725bdbeadea7d50
- SSDEEP
  
  384:rLyPunoshzdtnbuH0aXOk0GfZh5g+zCxU:rLy7s5dJuHHOqhyy
Score

1^/10
behavioral5 behavioral6
- Target
  
  bearer/qgenericbearer.dll
- Size
  
  45KB
- MD5
  
  dba35d31c2b6797c8a4d38ae27d68e6e
- SHA1
  
  37948e71dc758964e0aa19aee063b50ef87a7290
- SHA256
  
  086d6ba24f34a269856c4e0159a860657590d05aabb2530247e685543b34c52f
- SHA512
  
  282e7613fe445785fa5ed345415bc008637b7d1d7988cc6da715b024311a1c29425f5edb26a1d90f301af408b60244dd81e1459eef2aab10b07d1ac352770b4b
- SSDEEP
  
  768:B+B5mIpDC6s1Hf30HdG806zHgaEsyJa5gYnDGMHgtpQu8KOqfyc:UB5mTfEHdh0GHga9nDGigvQu8K/J
Score

1^/10
behavioral7 behavioral8
- Target
  
  bearer/qnativewifibearer.dll
- Size
  
  46KB
- MD5
  
  a8bca50f7966f578b127d1e24fc2430f
- SHA1
  
  cfa1e5d684d938fdb9a97ff874cd2166a10ca0c8
- SHA256
  
  c209d080a62f5e67ddc01a3ae6b4f9b103faf4104c93b7dbb5ffa8d548bf0cd5
- SHA512
  
  86b1e4eec873b5951408f1793b5a35725fb53e2282e194b409705f476d8bea9750dcee74bd51ae5d3acb3d47846a8b7210b1493f7d9ac012140df5e6a57d8c69
- SSDEEP
  
  768:AoK5SNALlqMB1hF4hGm6/q4wgaHbAUjHgLa3TO1ZOqgCyEw:mSIlq6cl6SDgacU7ge3TOn/I
Score

1^/10
behavioral10 behavioral9
- Target
  
  dll/Qt5Network.dll
- Size
  
  840KB
- MD5
  
  0fdda3a8c8be28993b156b24b300ccdf
- SHA1
  
  57fe6cfd0b28708d23ae560675d4c462127722c8
- SHA256
  
  335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1
- SHA512
  
  4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453
- SSDEEP
  
  12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2
Score

1^/10
behavioral11 behavioral12
- Target
  
  dll/Qt5Svg.dll
- Size
  
  253KB
- MD5
  
  06cc5d18a496520e05bcfee1e3169535
- SHA1
  
  98ba5d0ed52499a845038c3b4bcba356b9339f11
- SHA256
  
  ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360
- SHA512
  
  154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe
- SSDEEP
  
  6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU
Score

1^/10
behavioral13 behavioral14
- Target
  
  dll/libEGL.dll
- Size
  
  18KB
- MD5
  
  379358b4cd4b60137c0807f327531987
- SHA1
  
  b0a5f6e3dcd0dbc94726f16ed55d2461d1737b59
- SHA256
  
  0ff1d03926f5d9c01d02fae5c5e1f018a87d7f90a1826de47277530bfc7776f8
- SHA512
  
  097c08135d654596a19ada814ad360a8c2374d989cbd7094c6acb092e9854abf1f1d878d3da72b66c4c75806586bee7fe04d555a1d82db170725bdbeadea7d50
- SSDEEP
  
  384:rLyPunoshzdtnbuH0aXOk0GfZh5g+zCxU:rLy7s5dJuHHOqhyy
Score

1^/10
behavioral15 behavioral16
- Target
  
  dll/libGLESV2.dll
- Size
  
  1.5MB
- MD5
  
  aebbd25609c3f1d16809c02f12e99896
- SHA1
  
  7675d0f61062490b8c7043a66a8d88d5d147f7a9
- SHA256
  
  6765d163fae52331dfdcccab371c9b8b5cd0915bfdb14bbf2ca5d3f42bb29f4c
- SHA512
  
  a441ae0fe98ae39ed7fd1feb410bcac3aba9179242c62166190926588b97e11f0a3442d0619c6a2f6070e336a82d7fcabeb89461ff15fe878da13f2a57710f87
- SSDEEP
  
  24576:IGyEmXb3NBT+BZDQnVjDuBy8aTnilzT8QreNdJU8GAeZRyRWh:I8mr3OaDVXnilcQreNdJU8GOWh
Score

1^/10
behavioral17 behavioral18
- Target
  
  dll/libeay32.dll
- Size
  
  1.1MB
- MD5
  
  67130d64a3c2b4b792c4f5f955b37287
- SHA1
  
  6f6cae2a74f7e7b0f18b93367821f7b802b3e6cf
- SHA256
  
  7581f48b16bd9c959491730e19687656f045afbab59222c0baba52b25d1055be
- SHA512
  
  d88c26ec059ad324082c4f654786a3a45ecf9561a522c8ec80905548ad1693075f0ffc93079f0ef94614c95a3ac6bbf59c8516018c71b2e59ec1320ba2b99645
- SSDEEP
  
  24576:CBULPHc9UKJayhv6uaDGXcRY0Pt4eY/qL6I4tPxVCBfe6w:L09UpyuDMaoHI4tPxV56w
Score

1^/10
behavioral19 behavioral20
- Target
  
  dll/msvcp120.dll
- Size
  
  444KB
- MD5
  
  fd5cabbe52272bd76007b68186ebaf00
- SHA1
  
  efd1e306c1092c17f6944cc6bf9a1bfad4d14613
- SHA256
  
  87c42ca155473e4e71857d03497c8cbc28fa8ff7f2c8d72e8a1f39b71078f608
- SHA512
  
  1563c8257d85274267089cd4aeac0884a2a300ff17f84bdb64d567300543aa9cd57101d8408d0077b01a600ddf2e804f7890902c2590af103d2c53ff03d9e4a5
- SSDEEP
  
  12288:uZ/8wcqw2oe+Z3VrfwfNOOoWhUgiW6QR7t5ss3Ooc8DHkC2e77/:W/8wVwHZFTwFOOos3Ooc8DHkC2e77/
Score

3^/10
behavioral21 behavioral22
- Target
  
  dll/msvcr120.dll
- Size
  
  948KB
- MD5
  
  034ccadc1c073e4216e9466b720f9849
- SHA1
  
  f19e9d8317161edc7d3e963cc0fc46bd5e4a55a1
- SHA256
  
  86e39b5995af0e042fcdaa85fe2aefd7c9ddc7ad65e6327bd5e7058bc3ab615f
- SHA512
  
  5f11ef92d936669ee834a5cef5c7d0e7703bf05d03dc4f09b9dcfe048d7d5adfaab6a9c7f42e8080a5e9aad44a35f39f3940d5cca20623d9cafe373c635570f7
- SSDEEP
  
  12288:LBmFyjLAOQaYkxGXPfY7eiWWcpOKnpTVOIxhK765qlRRb6x4pI23IbJQV:dmFyjLF847eiWWcoGZVOIxh/WxIAIbGV
Score

3^/10
behavioral23 behavioral24
- Target
  
  dll/ssleay32.dll
- Size
  
  270KB
- MD5
  
  df38eb2002e5979e57babf8b4f6a2f82
- SHA1
  
  219d5837f6461688122d637bf67f041fc6c19aac
- SHA256
  
  5c2f10a772edfbeef8a5261b8677e68c4194cb87f3cb9bc319c8da75cfaefa3f
- SHA512
  
  da4b6ec820f5886102577a7e98187ed45165ee5373504fb4f610cfb47eb2ad6e0b75d868464df4ee8b97f506c2f493a1d3bf029c184c08b311dbc1b76c2a37f6
- SSDEEP
  
  6144:0xnT+R40IInTyFxvYlBtCikIK3gb/VuLXyJxm11VMaorgpa7ivoQXoYwWAaHeeT6:6nKR40IInTyFxvY3tCikIK3gb/VECJxD
Score

1^/10
behavioral25 behavioral26
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  37KB
- MD5
  
  90bb882a4b5e3427f328259530aa1b3b
- SHA1
  
  a4059f0c105f4e2abe84efc4a48fa676171f37c5
- SHA256
  
  b2b420aa1805d8b5dc15ccb74dd664d10bd6ba422743f5043a557a701c8a1778
- SHA512
  
  a486280bba42d6c2d8b5ca0a0191b6b29067e1c120f85dbff709a4a42c61d925804915f93f815f56c9ca06ea9f8b89de0e692776524d28d81e29ef1c75501db8
- SSDEEP
  
  768:ps7Ss9mMa0qnobGobEng53IdR4rXDd/+Hb0RPNRuBNJOqUVyvC:s95aoZEgGdu7Dd/YbOPybJ/XC
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28