General

  • Target

    MilwaukeeRivers.exe

  • Size

    948KB

  • Sample

    241123-mwywzszlbn

  • MD5

    e922a4d7d2c3c937231aa937b9a2ad25

  • SHA1

    b78ade0fbd78bff01d5c86079c9224d7b87f0770

  • SHA256

    bdc7b917477bb49af7a5b06e5d9ed20e08fed25944f297a6b36a50d03d8a5777

  • SHA512

    501a15eb4c5c64f2df9f454c11951907f33a834885113e14491a6823d8e3373c09523a3eedb52952aada8071dbeec88338dbdeb02a2c4d7a8e0af48eb1dbe5f6

  • SSDEEP

    24576:7gk8NlvGOgHdQFQ/Dfw/EQky/vgNs9OHYkc:WvGOgHeFODfwcC3WsSS

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      MilwaukeeRivers.exe

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Enumerates processes with tasklist
