lumma | 8e70554b23ba4f543189ecb533e4c7f7750ab16207b824d146bf13674004df6c | Triage

Sharing

General

Target

Setup2.exe
Size

9.0MB
Sample

240801-1cbt1a1dlf
MD5

5203def28edba8cdecbded67ed2cecb2
SHA1

e423a81a9cc3f9440144d80a56ce5075ce574c8d
SHA256

8e70554b23ba4f543189ecb533e4c7f7750ab16207b824d146bf13674004df6c
SHA512

7733d6e148d99bb74a059b8a132f08b58ed1c4e826b3e8b6b9ce60a31469374ed3669524fab7133c7ff83ff1a69ba6d0e259af1cacdfdc5b4842bd8d81b3bae2
SSDEEP

196608:eIALOUOl/+nYwov8FS7VVT1vAuVC2GYZwetDQ0Id:eIAL3O/MS8FS7LtC21weR

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://kaminiasbbefow.shop/api

https://applyzxcksdia.shop/api

https://replacedoxcjzp.shop/api

https://declaredczxi.shop/api

https://catchddkxozvp.shop/api

https://arriveoxpzxo.shop/api

https://contemplateodszsv.shop/api

https://bindceasdiwozx.shop/api

https://conformfucdioz.shop/api

Extracted

Family

lumma

C2

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Setup2.exe
- Size
  
  9.0MB
- MD5
  
  5203def28edba8cdecbded67ed2cecb2
- SHA1
  
  e423a81a9cc3f9440144d80a56ce5075ce574c8d
- SHA256
  
  8e70554b23ba4f543189ecb533e4c7f7750ab16207b824d146bf13674004df6c
- SHA512
  
  7733d6e148d99bb74a059b8a132f08b58ed1c4e826b3e8b6b9ce60a31469374ed3669524fab7133c7ff83ff1a69ba6d0e259af1cacdfdc5b4842bd8d81b3bae2
- SSDEEP
  
  196608:eIALOUOl/+nYwov8FS7VVT1vAuVC2GYZwetDQ0Id:eIAL3O/MS8FS7LtC21weR
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer