lumma | 8251cf1d380cc480f3ad8cae8b11307ea5264105856091d1588cd68abdd1d62a | Triage

Submit
Reports

Overview

overview

Static

static

gepcdS.exe

windows7-x64

gepcdS.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

gepcdS.exe
Size

1.2MB
Sample

240522-2gw66sbe2v
MD5

84c630d15b217a4739ba250474f8adc2
SHA1

7adb7fd3bff686a3b4a32e6492a785bb6a5114c2
SHA256

8251cf1d380cc480f3ad8cae8b11307ea5264105856091d1588cd68abdd1d62a
SHA512

996717af4a53e4e428d8b4c7105cbe0b33e93b5d86a4a4703ed88c48b298fad77edf66453cf11b27782086b285fd569345cda1651dc53aecaccd552a4edfed1a
SSDEEP

24576:jkuThgREUU9cEieHXV7yN0buhgYsbOlN9U3jaPsM:jkudyEy0b2lNy3jKsM

Score

10^/10

lumma evasion stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

gepcdS.exe

Resource

win7-20240221-en

lumma evasion stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

gepcdS.exe

Resource

win10v2004-20240508-en

lumma evasion stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  gepcdS.exe
- Size
  
  1.2MB
- MD5
  
  84c630d15b217a4739ba250474f8adc2
- SHA1
  
  7adb7fd3bff686a3b4a32e6492a785bb6a5114c2
- SHA256
  
  8251cf1d380cc480f3ad8cae8b11307ea5264105856091d1588cd68abdd1d62a
- SHA512
  
  996717af4a53e4e428d8b4c7105cbe0b33e93b5d86a4a4703ed88c48b298fad77edf66453cf11b27782086b285fd569345cda1651dc53aecaccd552a4edfed1a
- SSDEEP
  
  24576:jkuThgREUU9cEieHXV7yN0buhgYsbOlN9U3jaPsM:jkudyEy0b2lNy3jKsM
Score

10^/10

lumma evasion stealer
- Detect Lumma Stealer payload V4
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Looks for VMWare Tools registry key
  evasion
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

lummaevasionstealer

behavioral2

lummaevasionstealer

© 2018-2025

Terms | Privacy