lumma | 76f70c669264a65fa2ab3f5dacba4b4ccd9408e731658f9e9f6ac081154de3f6 | Triage

Submit
Reports

Overview

overview

Static

static

1

¡Archivos...c!.rar

windows7-x64

1

¡Archivos...c!.rar

windows10-2004-x64

Sharing

General

Target

¡Archivos!AutomáticaConfiguración! paraPc!.rar
Size

113.1MB
Sample

241125-1z7vyswjcj
MD5

25284dcf16e765d81872552a22e9d9e5
SHA1

9cf2bc65712f2b95f34739e8157dcf8aee732501
SHA256

76f70c669264a65fa2ab3f5dacba4b4ccd9408e731658f9e9f6ac081154de3f6
SHA512

a2fb77e7ff87727eae06da273803cc08d358db8dbba7b7262371ab37f2455af9075c72be14dbb85ad10779d4f9212d0ab422c2f1aa8591c52cba40d3d50e1081
SSDEEP

3145728:9ypm02nTzoneGu+Jz/2T83G6MbbpMhULICz5c:YpmxzipR3MpHLICz5c

Score

10^/10

lumma discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

¡Archivos!AutomáticaConfiguración! paraPc!.rar

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

¡Archivos!AutomáticaConfiguración! paraPc!.rar

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://teentyinch.fun/api

Targets

- Target
  
  ¡Archivos!AutomáticaConfiguración! paraPc!.rar
- Size
  
  113.1MB
- MD5
  
  25284dcf16e765d81872552a22e9d9e5
- SHA1
  
  9cf2bc65712f2b95f34739e8157dcf8aee732501
- SHA256
  
  76f70c669264a65fa2ab3f5dacba4b4ccd9408e731658f9e9f6ac081154de3f6
- SHA512
  
  a2fb77e7ff87727eae06da273803cc08d358db8dbba7b7262371ab37f2455af9075c72be14dbb85ad10779d4f9212d0ab422c2f1aa8591c52cba40d3d50e1081
- SSDEEP
  
  3145728:9ypm02nTzoneGu+Jz/2T83G6MbbpMhULICz5c:YpmxzipR3MpHLICz5c
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer

© 2018-2024

Terms | Privacy