General

  • Target

    Setup.exe

  • Size

    70.0MB

  • Sample

    241124-wxn8lssldy

  • MD5

    d3ded6f6292b7b3b538776a0ca8f33b2

  • SHA1

    de88a415456610f30bf171880d6c5cbbb3ca3240

  • SHA256

    1425478a96cf67a4805323afa3987ea4e7424dad16e7c3c32d03da96fa049919

  • SHA512

    bb3ebb0e8c694501f49bcf2c4feaa86bac1dd1570e227e8abe74538f969eb45d93ccfb9529b99d4eeb47c2ef25548bac6756662ca639c1c42295a60204309764

  • SSDEEP

    24576:ATLKgMF5jTObaIvsD7sBM8I7oRCL7piz5nWXVW:Tv5rIf1RRGwn4Q

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://spicywind.shop/api
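The extracted configuration above gives a single C2 URL, and the General section gives the sample's digests. The following Python script is an added example, not part of this report or of any sandbox tooling: it turns those indicators into two checks a responder would actually run, verifying a candidate file's MD5/SHA1/SHA256/SHA512 against the report (SSDEEP is left out because it needs the external ssdeep library) and searching proxy or DNS log lines for the C2 host, including subdomains of it. The hash values and C2 URL in `REPORT` are copied from this page; the log lines in `SAMPLE_LOG` and all function names are constructed for illustration.

```python
import hashlib
import re
import sys
from urllib.parse import urlparse

# Indicators copied from the report above (sample 241124-wxn8lssldy).
REPORT = {
    "md5": "d3ded6f6292b7b3b538776a0ca8f33b2",
    "sha1": "de88a415456610f30bf171880d6c5cbbb3ca3240",
    "sha256": "1425478a96cf67a4805323afa3987ea4e7424dad16e7c3c32d03da96fa049919",
    "sha512": (
        "bb3ebb0e8c694501f49bcf2c4feaa86bac1dd1570e227e8abe74538f969eb45d"
        "93ccfb9529b99d4eeb47c2ef25548bac6756662ca639c1c42295a60204309764"
    ),
    "c2": ["https://spicywind.shop/api"],
}

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Hex digests of an in-memory blob for every algorithm listed in the report."""
    return {name: hashlib.new(name, data).hexdigest() for name in HASH_ALGOS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file on disk in a single pass, reading in chunks (the sample is 70 MB)."""
    hashers = {name: hashlib.new(name) for name in HASH_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_against_report(digests: dict, report: dict = REPORT) -> dict:
    """Per-algorithm comparison; treat a file as the sample only if every digest agrees."""
    return {name: digests[name].lower() == report[name].lower() for name in HASH_ALGOS}


def c2_hosts(report: dict = REPORT) -> set:
    """Hostnames from the extracted C2 URLs; the /api path alone is not a useful indicator."""
    return {urlparse(url).hostname for url in report["c2"] if urlparse(url).hostname}


# Anything that looks like a dotted hostname or IP inside a log line.
_HOST_RE = re.compile(r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def match_c2(log_lines, hosts) -> list:
    """Return the log lines that mention a C2 host or any subdomain of it."""
    hits = []
    for line in log_lines:
        for candidate in _HOST_RE.findall(line):
            c = candidate.lower().rstrip(".")
            if any(c == h or c.endswith("." + h) for h in hosts):
                hits.append(line)
                break
    return hits


# Constructed proxy/DNS log lines for illustration; they are not from the report.
SAMPLE_LOG = [
    "2024-11-24T10:14:02Z proxy CONNECT spicywind.shop:443 src=10.0.0.17 user=alice",
    "2024-11-24T10:14:03Z dns query cdn.spicywind.shop A src=10.0.0.17",
    "2024-11-24T10:14:05Z proxy GET https://example.com/ src=10.0.0.22 user=bob",
]


if __name__ == "__main__":
    # Usage: python lumma_iocs.py [path/to/Setup.exe]
    if len(sys.argv) > 1:
        result = verify_against_report(hash_file(sys.argv[1]))
        for name, ok in result.items():
            print(f"{name:6} {'match' if ok else 'MISMATCH'}")
        print("sample matches report" if all(result.values()) else "not the reported sample")
    for line in match_c2(SAMPLE_LOG, c2_hosts()):
        print("C2 hit:", line)
```

The host matcher deliberately keys on the registrable name rather than the full URL: the path component of a stealer's C2 (`/api` here) is easily rotated, while DNS and proxy telemetry will show the domain and any subdomains the operator adds later. Four independent digests are compared rather than just MD5 so that a collision-prone algorithm is never the sole basis for declaring a file to be the sample.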

Targets

    • Target

      Setup.exe

    • Size

      70.0MB

    • MD5

      d3ded6f6292b7b3b538776a0ca8f33b2

    • SHA1

      de88a415456610f30bf171880d6c5cbbb3ca3240

    • SHA256

      1425478a96cf67a4805323afa3987ea4e7424dad16e7c3c32d03da96fa049919

    • SHA512

      bb3ebb0e8c694501f49bcf2c4feaa86bac1dd1570e227e8abe74538f969eb45d93ccfb9529b99d4eeb47c2ef25548bac6756662ca639c1c42295a60204309764

    • SSDEEP

      24576:ATLKgMF5jTObaIvsD7sBM8I7oRCL7piz5nWXVW:Tv5rIf1RRGwn4Q

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to selected regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks