General

  • Target

    https://t.ly/Warner2110

  • Sample

    241021-ld4h3szfjl

Malware Config

Extracted

Family

lumma

C2

https://snailyeductyi.sbs

https://ferrycheatyk.sbs

https://deepymouthi.sbs

https://wrigglesight.sbs

https://captaitwik.sbs

https://sidercotay.sbs

https://heroicmint.sbs

https://monstourtu.sbs

Targets

    • Target

      https://t.ly/Warner2110

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks