lumma | ceccd1145018d5c8dd692a726e04a0112aacb01cf7fb85ba190d00f7a4f623b9 | Triage

Sharing

General

Target

Solara.zip
Size

114.6MB
Sample

241124-y8vwmstpej
MD5

93b656d7c0d36f922d37fab9081ee747
SHA1

904b467fd9ab2661bc6e680d4c2ec21c3b93b9fb
SHA256

ceccd1145018d5c8dd692a726e04a0112aacb01cf7fb85ba190d00f7a4f623b9
SHA512

bb2a8ca360c0141a0bdd59945259c1e8d3d7a66697f7a2a395f10f5123c2957b5ce68fe86a3d263c19e7747841542719eee8f0bff4530a3fb85a1367c60c72ff
SSDEEP

3145728:mG1sfcxGubPAWo8fsQg0SMt1V1NdkBuh1NxqflqqMIZpRD2V:maPcuDpsv0TNNrvNxqfJJZpO

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://servicedny.site

https://authorisev.site

https://faulteyotk.site

https://dilemmadu.site

https://contemteny.site

https://goalyfeastz.site

https://opposezmny.site

https://seallysl.site

https://conscienyb.cyou

Extracted

Family

lumma

C2

https://conscienyb.cyou/api

Targets

- Target
  
  Solara.exe
- Size
  
  7.3MB
- MD5
  
  a46c3372dbfc0e3f4a97db227e07b131
- SHA1
  
  247d84b02e289747b965af37b1d331f47633b1ca
- SHA256
  
  767b5beda00bc75c954a9be8726b2f76a300e49f428eb64cbc362366bd2528a2
- SHA512
  
  17b1068602a2ddffa93fcfd174fc63400853fc5b83305c55c0075f02463214cf82e12bfb6424bee897c0bd6a20561fb1ca95b190cf4fd1f7c6761e06d8b573cb
- SSDEEP
  
  98304:zwREXBlkqxKUUhU5/UV2QU61X/8LyyTUspbP34igWLqmfoRp:JXBlkqgUIgQU6ReDoi7eRp
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer