General

  • Target

    InstNew_v1.0.9_Арp_Release_x64.exe

  • Size

    1.0MB

  • Sample

    241111-2d1eesybkm

  • MD5

    9803e1c897fec7f899c7b9a1f6d34398

  • SHA1

    91be6ecd608e3dfce09e04a8866b2a1aba16a632

  • SHA256

    c395d9398f363892c415c5c1d7c07ac6052dc5585825261f522784f2f6a35a9a

  • SHA512

    a8da65f01c47ccd137dc6fe0d5469627c4e9a0cbcbeaaebba7ed491f98100a428e03244bc0607959c048cfd43bd8d3beaae932ecb5103619a8a9fc7989cbe65a

  • SSDEEP

    24576:P54TFXpHWHGe2Dv7JIlsOApZVcnOyFXLLWvN7V:8HdDzJ+UIOyF7aV5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://financiauglyk.cyou/api

Targets

    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Enumerates processes with tasklist
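The indicators and behavioural signatures above are what a responder carries over to the endpoint and the sample store. The script below is an added example (not part of this report, Triage, or Lumma itself) that does the two things worth automating: confirming that a file on disk really is the sample whose hashes are listed, and running the report's signatures over endpoint telemetry. The telemetry is a constructed, Sysmon-like JSON-lines stream; its field names, the registry path used to detect the locale check (the `Geo\Nation` value is an assumption about what "country code configured in the registry" refers to), and the signature name for the C2 contact are assumptions, not something the report states.

```python
"""Triage helper for the Lumma report above (added example, not the report's own code).

Verifies a candidate file against the reported hashes and replays the report's
behavioural signatures over constructed, Sysmon-like JSON-lines telemetry.
"""
import hashlib
import json
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlparse

# Indicators copied verbatim from the report.
SAMPLE_HASHES = {
    "md5": "9803e1c897fec7f899c7b9a1f6d34398",
    "sha1": "91be6ecd608e3dfce09e04a8866b2a1aba16a632",
    "sha256": "c395d9398f363892c415c5c1d7c07ac6052dc5585825261f522784f2f6a35a9a",
}
C2_URL = "https://financiauglyk.cyou/api"
C2_HOST = urlparse(C2_URL).hostname  # "financiauglyk.cyou"

# Assumption: the locale lookup reads the Geo\Nation value under Control Panel\International.
GEO_NATION_SUFFIX = "\\control panel\\international\\geo\\nation"


def hash_matches(data: bytes) -> Dict[str, bool]:
    """Compare a candidate file's bytes against every hash the report lists."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == expected
        for algo, expected in SAMPLE_HASHES.items()
    }


class SignatureMatcher:
    """Stateful matcher: remembers files written by any process so that a later
    ProcessCreate of one of them can be flagged as 'Executes dropped EXE'."""

    def __init__(self) -> None:
        self.dropped: set = set()
        self.hits: List[Tuple[str, Optional[int]]] = []

    def feed(self, event: dict) -> Optional[str]:
        kind = event.get("EventType")
        sig = None
        if kind == "FileCreate":
            self.dropped.add(event.get("TargetFilename", "").lower())
        elif kind == "ProcessCreate":
            image = event.get("Image", "").lower()
            if image.endswith("\\tasklist.exe"):
                sig = "Enumerates processes with tasklist"
            elif image in self.dropped:
                sig = "Executes dropped EXE"
        elif kind == "RegistryEvent":
            if event.get("TargetObject", "").lower().endswith(GEO_NATION_SUFFIX):
                sig = "Checks computer location settings"
        elif kind == "DnsQuery":
            if event.get("QueryName", "").lower().rstrip(".") == C2_HOST:
                sig = "Contacts Lumma C2 domain"  # assumed signature name
        if sig:
            self.hits.append((sig, event.get("ProcessId")))
        return sig


def match_signatures(jsonl: str) -> Dict[str, int]:
    """Run each JSON line through the matcher and return {signature: hit count}."""
    matcher = SignatureMatcher()
    counts: Dict[str, int] = {}
    for line in jsonl.splitlines():
        if not line.strip():
            continue
        sig = matcher.feed(json.loads(line))
        if sig:
            counts[sig] = counts.get(sig, 0) + 1
    return counts


# Constructed telemetry (not captured from the real sample); SIDs and paths are made up.
SAMPLE_TELEMETRY = r"""
{"EventType": "FileCreate", "ProcessId": 4120, "Image": "C:\\Users\\victim\\Downloads\\InstNew_v1.0.9_Арp_Release_x64.exe", "TargetFilename": "C:\\Users\\victim\\AppData\\Local\\Temp\\stage2.exe"}
{"EventType": "ProcessCreate", "ProcessId": 4188, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\stage2.exe", "ParentImage": "C:\\Users\\victim\\Downloads\\InstNew_v1.0.9_Арp_Release_x64.exe"}
{"EventType": "RegistryEvent", "ProcessId": 4188, "TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\Control Panel\\International\\Geo\\Nation"}
{"EventType": "ProcessCreate", "ProcessId": 4232, "Image": "C:\\Windows\\System32\\tasklist.exe", "ParentImage": "C:\\Users\\victim\\AppData\\Local\\Temp\\stage2.exe"}
{"EventType": "DnsQuery", "ProcessId": 4188, "QueryName": "financiauglyk.cyou"}
{"EventType": "ProcessCreate", "ProcessId": 4300, "Image": "C:\\Windows\\System32\\notepad.exe", "ParentImage": "C:\\Windows\\explorer.exe"}
"""

if __name__ == "__main__":
    # A stand-in buffer: every hash comparison is expected to be False here.
    print("hash check:", hash_matches(b"not the real sample"))
    print("signatures:", match_signatures(SAMPLE_TELEMETRY))
```

The dropped-file tracking is the part worth keeping: a process launching from a path it (or a sibling) just wrote is the generic shape of "Executes dropped EXE", independent of this sample's names. Pair the DNS match with a proxy or TLS-SNI check for the full C2 URL, since the report gives the `/api` path as well as the host.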

MITRE ATT&CK Enterprise v15

Tasks