lumma | 47f23c360d20717d0629bb37b01caf1bb3a473bdf43f2b967427da6b6f37c633 | Triage

Submit
Reports

Overview

overview

Static

static

1

Despicable...64.rar

windows7-x64

7

Despicable...64.rar

windows10-1703-x64

3

Despicable...64.rar

windows10-2004-x64

3

Despicable...64.rar

windows11-21h2-x64

3

Despicable...64.scr

windows7-x64

1

Despicable...64.scr

windows10-1703-x64

Despicable...64.scr

windows10-2004-x64

Despicable...64.scr

windows11-21h2-x64

1

Sharing

General

Target

Despicable Me 4 1080p Clean.2024.1080p HDTS x264.zipx
Size

1225.5MB
Sample

240701-kp2cesvhrl
MD5

b7a5902737895059cb366435f5cd59c8
SHA1

395afeca2c59aedf8be9f66cde3be843eed298b3
SHA256

47f23c360d20717d0629bb37b01caf1bb3a473bdf43f2b967427da6b6f37c633
SHA512

2d3db100491681eee96f23de21403b3e40ce849f87d79594a24255076ab2b97f8140da362c1787a593064ef711e2ace73dae65013149f9d2b913d5a1b473dcb4
SSDEEP

25165824:FMlQ8V1yEKAtsh9IQrcdHLn0dPkwrcLtqjBPidbYd3vdYvZELOw:F+Q86EKAeh9kdrn0qw4Qjliofd4K3

Score

10^/10

lumma persistence privilege_escalation stealer

Static task

static1

Behavioral task

behavioral1

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264.rar

Resource

win7-20240508-en

persistence privilege_escalation

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264.rar

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264.rar

Resource

win10v2004-20240611-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264.rar

Resource

win11-20240611-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264/Despicable Me 4 1080p Clean.2024.1080p HDTS x264.scr

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264/Despicable Me 4 1080p Clean.2024.1080p HDTS x264.scr

Resource

win10-20240611-en

windows10-1703-x64

14 signatures

150 seconds

Behavioral task

behavioral7

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264/Despicable Me 4 1080p Clean.2024.1080p HDTS x264.scr

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

Despicable Me 4 1080p Clean.2024.1080p HDTS x264/Despicable Me 4 1080p Clean.2024.1080p HDTS x264.scr

Resource

win11-20240508-en

windows11-21h2-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://exporttearryliveedko.shop/api

https://harmfullyelobardek.shop/api

Targets

- Target
  
  Despicable Me 4 1080p Clean.2024.1080p HDTS x264.zipx
- Size
  
  1225.5MB
- MD5
  
  b7a5902737895059cb366435f5cd59c8
- SHA1
  
  395afeca2c59aedf8be9f66cde3be843eed298b3
- SHA256
  
  47f23c360d20717d0629bb37b01caf1bb3a473bdf43f2b967427da6b6f37c633
- SHA512
  
  2d3db100491681eee96f23de21403b3e40ce849f87d79594a24255076ab2b97f8140da362c1787a593064ef711e2ace73dae65013149f9d2b913d5a1b473dcb4
- SSDEEP
  
  25165824:FMlQ8V1yEKAtsh9IQrcdHLn0dPkwrcLtqjBPidbYd3vdYvZELOw:F+Q86EKAeh9kdrn0qw4Qjliofd4K3
Score

7^/10

persistence privilege_escalation
- Executes dropped EXE
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  Despicable Me 4 1080p Clean.2024.1080p HDTS x264/Despicable Me 4 1080p Clean.2024.1080p HDTS x264.scr
- Size
  
  756.9MB
- MD5
  
  519a32325de2c011fa72361538ee0982
- SHA1
  
  a1abef13be88eee89823f1b55ef253834a7f5df5
- SHA256
  
  c485650d9d58fb7ea6447e143e2e243a743353df05a2dd9c4f7348c0250239ff
- SHA512
  
  8fd3dfdd0e09c95c152091e6ef3da5bf030902bdd302aec6fce927b82b9c864667e5107f291127b3b7d85e9693df496a36ebda8eba37e3906e49572549518632
- SSDEEP
  
  1572864:NsctqFeWSmx3m00cfFjVg1HTM7U0aCtIsctqFeWSmx3m00cfFjVg1HTM7U0aCtf:NsqI3v0cfJrRaCOsqI3v0cfJrRaC1
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
behavioral5 behavioral6 behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Screensaver

Privilege Escalation

Event Triggered Execution

Screensaver

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

© 2018-2024

Terms | Privacy