lumma | 2c52f6d1206bc754c5e3ad485b7406d7d611d7d490a2252a969f2cd874ea9569 | Triage

Sharing

General

Target

2c52f6d1206bc754c5e3ad485b7406d7d611d7d490a2252a969f2cd874ea9569
Size

3.2MB
Sample

240829-phyp6s1dkg
MD5

f8afafba3e86d50ad9edce1d0ea179ab
SHA1

da2a418d7d4f39222d16cfad8cb381ca53f7339c
SHA256

2c52f6d1206bc754c5e3ad485b7406d7d611d7d490a2252a969f2cd874ea9569
SHA512

a23d51e4621b9a18d9f99d797bccf64ded9fddc0c63ccda8df5d1d13c5e35633c14bcb66a3dd1205d07c5c3637a9d58e17794e1e85b9d78e578ec723a708abc4
SSDEEP

49152:Aa5dRh/rrdcQX7kAmen7jJRkNkdKiJZeKtH0LzHPzkRyq/cHG53IpOMb6tdz6c:Aa5rJ/+ewIH/5dKaZeQH0Lc8GKAdz6c

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://awwardwiqi.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

Targets

- Target
  
  2c52f6d1206bc754c5e3ad485b7406d7d611d7d490a2252a969f2cd874ea9569
- Size
  
  3.2MB
- MD5
  
  f8afafba3e86d50ad9edce1d0ea179ab
- SHA1
  
  da2a418d7d4f39222d16cfad8cb381ca53f7339c
- SHA256
  
  2c52f6d1206bc754c5e3ad485b7406d7d611d7d490a2252a969f2cd874ea9569
- SHA512
  
  a23d51e4621b9a18d9f99d797bccf64ded9fddc0c63ccda8df5d1d13c5e35633c14bcb66a3dd1205d07c5c3637a9d58e17794e1e85b9d78e578ec723a708abc4
- SSDEEP
  
  49152:Aa5dRh/rrdcQX7kAmen7jJRkNkdKiJZeKtH0LzHPzkRyq/cHG53IpOMb6tdz6c:Aa5rJ/+ewIH/5dKaZeQH0Lc8GKAdz6c
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2