lumma | d21a0c5c018ef62375bf0a90db31907c03956a40b6cf1e4cc2a51a53c60ced3e | Triage

Sharing

General

Target

file.7z
Size

17.4MB
Sample

241120-3bhl9svgld
MD5

2a4c6fbd74c51574ce59ef14b4683cf5
SHA1

90282c8a5dc0bab4bdfccacf8ace1b3b0cd1a480
SHA256

d21a0c5c018ef62375bf0a90db31907c03956a40b6cf1e4cc2a51a53c60ced3e
SHA512

239b0371bae73e0a2d19f074fba11b03c20181aa98cc61c9ebf14f08c3583ae258105f425ac2194208a95467c0e2688dd889ba09f5bdf87c1e46da6c6e03baa3
SSDEEP

393216:+X4ZA7rQwcOk3jK8dLKTvsjew5IRyrPra4xvssiExzqta1bdYJ:+MAl8d5ewaRy3a4x5NGahdW

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://gentlewave.shop/api

Targets

- Target
  
  file.7z
- Size
  
  17.4MB
- MD5
  
  2a4c6fbd74c51574ce59ef14b4683cf5
- SHA1
  
  90282c8a5dc0bab4bdfccacf8ace1b3b0cd1a480
- SHA256
  
  d21a0c5c018ef62375bf0a90db31907c03956a40b6cf1e4cc2a51a53c60ced3e
- SHA512
  
  239b0371bae73e0a2d19f074fba11b03c20181aa98cc61c9ebf14f08c3583ae258105f425ac2194208a95467c0e2688dd889ba09f5bdf87c1e46da6c6e03baa3
- SSDEEP
  
  393216:+X4ZA7rQwcOk3jK8dLKTvsjew5IRyrPra4xvssiExzqta1bdYJ:+MAl8d5ewaRy3a4x5NGahdW
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1
- Target
  
  file.7z
- Size
  
  17.2MB
- MD5
  
  bd3ba3a1a28d9bf7fa00996b7eeec676
- SHA1
  
  c0bd1de5d05e5e202589561b52b791dc20f3cc25
- SHA256
  
  a66b1a5b77b04356aa45d268862fb7781241074f7113893c8dc32510a09097d6
- SHA512
  
  1220167c39db251b14f1136c880034e061dabdeedb082798fa899600dd6849d7747a348a1aec4f760c25a7947adf707059e6871bfb815f8321b8286e79fede86
- SSDEEP
  
  393216:FhXjpzRuD6Qf/gH6iyxk7vdTadU0xAujSbBVmgLtfZybNoL0swCqaH2xexXakOKF:F5NlGwaavdmdUsAujsBncbNd5UqhC
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2