lumma | 62bd169a33d75b7f682c786a8639cc867d4be43628def65757c31c1efd5c4905 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

13.8MB
Sample

240820-nrzhdstcqk
MD5

c2e7bc36cece182777218c4ecf80221b
SHA1

efa9720f1f9958df679b20a855a0c1d462204fcc
SHA256

62bd169a33d75b7f682c786a8639cc867d4be43628def65757c31c1efd5c4905
SHA512

e83a89f7f9eba92deccbc772b43d99021d0715c7d29a8ad5f212ff289ca1d787bd3a1ba383b429ef49459363393d88b132bf722ec4514087059106fbe6db029f
SSDEEP

393216:+1ECk1gOQf/BvJ5+zrGPdBgNNmH+SS8XRzS9JJ4EybE03:zCk1GBhIzsnS5SS8XRzsJ1yA03

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://wollfsoaisvz.shop/api

https://potentioallykeos.shop/api

https://interactiedovspm.shop/api

https://cagedwifedsozm.shop/api

https://deicedosmzj.shop/api

https://southedhiscuso.shop/api

https://consciousourwi.shop/api

https://tenntysjuxmz.shop/api

https://charecteristicdxp.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  13.8MB
- MD5
  
  c2e7bc36cece182777218c4ecf80221b
- SHA1
  
  efa9720f1f9958df679b20a855a0c1d462204fcc
- SHA256
  
  62bd169a33d75b7f682c786a8639cc867d4be43628def65757c31c1efd5c4905
- SHA512
  
  e83a89f7f9eba92deccbc772b43d99021d0715c7d29a8ad5f212ff289ca1d787bd3a1ba383b429ef49459363393d88b132bf722ec4514087059106fbe6db029f
- SSDEEP
  
  393216:+1ECk1gOQf/BvJ5+zrGPdBgNNmH+SS8XRzS9JJ4EybE03:zCk1GBhIzsnS5SS8XRzsJ1yA03
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

lummadiscoverystealer

behavioral4