lumma | 5553e4e355ee0dade1223c455c8232a49a1b53d7f55bfcd27f6aeaff166f67bf

Resubmissions

18-11-2024 08:55

241118-kvmq8asgph 10

18-11-2024 08:52

241118-ks1kasspaz 10

18-11-2024 08:25

241118-kbbvlsshjr 10

Sharing

Copy URL

Twitter E-mail

General

Target

5553e4e355ee0dade1223c455c8232a49a1b53d7f55bfcd27f6aeaff166f67bf.exe
Size

10.0MB
Sample

241118-kvmq8asgph
MD5

3f743b632a0a52e5d8ba262c13134b17
SHA1

3a0938ca3cccf15af99258c070620e5809a8eaa8
SHA256

5553e4e355ee0dade1223c455c8232a49a1b53d7f55bfcd27f6aeaff166f67bf
SHA512

60813c38db484fa365da3fe37f86a49d3e671e7f9fedcd8082696cf7160a171b5ecb5fd7ee0a76577ae585f3481a1866607a919a2a3efd80553bab9356e17326
SSDEEP

24576:q2T2ETkozkFJ22KXLyGPMK2p/2lYRfKDgJ4tfG2i5:b2ETuFJVCLJGpOlYRiUJ4U2i5

Score

10^/10

Malware Config

Extracted

Family

lumma

https://processhol.sbs/api

https://p10tgrace.sbs/api

https://peepburry828.sbs/api

https://3xp3cts1aim.sbs/api

https://p3ar11fter.sbs/api

Targets

- Target
  
  5553e4e355ee0dade1223c455c8232a49a1b53d7f55bfcd27f6aeaff166f67bf.exe
- Size
  
  10.0MB
- MD5
  
  3f743b632a0a52e5d8ba262c13134b17
- SHA1
  
  3a0938ca3cccf15af99258c070620e5809a8eaa8
- SHA256
  
  5553e4e355ee0dade1223c455c8232a49a1b53d7f55bfcd27f6aeaff166f67bf
- SHA512
  
  60813c38db484fa365da3fe37f86a49d3e671e7f9fedcd8082696cf7160a171b5ecb5fd7ee0a76577ae585f3481a1866607a919a2a3efd80553bab9356e17326
- SSDEEP
  
  24576:q2T2ETkozkFJ22KXLyGPMK2p/2lYRfKDgJ4tfG2i5:b2ETuFJVCLJGpOlYRiUJ4U2i5
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2