lumma | 8f3bd6cfc591e89316c92c06066a0fe8e6ef2b70e81bde41b16a8c264a7acc2d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f3bd6cfc591e89316c92c06066a0fe8e6ef2b70e81bde41b16a8c264a7acc2dN
Size

1013KB
Sample

241010-tyjneavekb
MD5

3b303cd2c4bcb1b1e2c25386712799a0
SHA1

17456a87deb6030c21d1fc57412bbee517d0896e
SHA256

8f3bd6cfc591e89316c92c06066a0fe8e6ef2b70e81bde41b16a8c264a7acc2d
SHA512

df80cfc4472e42b01e77885f97f7d05cf5587f7cd01857304ccf45520b24126b09eb1a4767b9cba70851e997978e2887d16663680e64fcd0cf5c4ace1064206d
SSDEEP

24576:EvuBLEhmTs4RSbRFlM0HztxF57ZE53QboufuqoGSxh:XLEoR2RfM0TtxF57ZYQ3HoGSf

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://clearancek.site

https://licendfilteo.site

https://spirittunek.store

https://bathdoomgaz.store

https://studennotediw.store

https://dissapoiznw.store

https://eaglepawnoy.store

https://mobbipenju.store

https://probablekl.site

Targets

- Target
  
  8f3bd6cfc591e89316c92c06066a0fe8e6ef2b70e81bde41b16a8c264a7acc2dN
- Size
  
  1013KB
- MD5
  
  3b303cd2c4bcb1b1e2c25386712799a0
- SHA1
  
  17456a87deb6030c21d1fc57412bbee517d0896e
- SHA256
  
  8f3bd6cfc591e89316c92c06066a0fe8e6ef2b70e81bde41b16a8c264a7acc2d
- SHA512
  
  df80cfc4472e42b01e77885f97f7d05cf5587f7cd01857304ccf45520b24126b09eb1a4767b9cba70851e997978e2887d16663680e64fcd0cf5c4ace1064206d
- SSDEEP
  
  24576:EvuBLEhmTs4RSbRFlM0HztxF57ZE53QboufuqoGSxh:XLEoR2RfM0TtxF57ZYQ3HoGSf
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer