lumma | f541ede6edd846768b78bff4a679528b580708a41f154fbca194b45dde0cbeac | Triage

Sharing

General

Target

pic simulator ide full crack software.exe
Size

762.1MB
Sample

241126-sm7enasqep
MD5

89e24a2d1e9a5c4b135dd0d05685da21
SHA1

4550bade9b2dfedb5980cf6683793433ae4a9c33
SHA256

f541ede6edd846768b78bff4a679528b580708a41f154fbca194b45dde0cbeac
SHA512

359f56374a41821d8f894bbe0086fe4f34c3cae31f129efba4201fdecff1695890b069b8914d0198a4491d02e623aac50d05bc5d21d3cbbab7fdce0160c19573
SSDEEP

393216:FxTuuL2PddxuL2PdT6ieFM0+M4HBvSEuQRZPR:FBuuL2PddxuL2PdNL9lSEuQRZP

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://river-stone.shop/api

Extracted

Family

lumma

C2

https://river-stone.shop/api

https://occupy-blushi.sbs/api

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

https://disobey-curly.sbs/api

https://motion-treesz.sbs/api

https://powerful-avoids.sbs/api

Targets

- Target
  
  pic simulator ide full crack software.exe
- Size
  
  762.1MB
- MD5
  
  89e24a2d1e9a5c4b135dd0d05685da21
- SHA1
  
  4550bade9b2dfedb5980cf6683793433ae4a9c33
- SHA256
  
  f541ede6edd846768b78bff4a679528b580708a41f154fbca194b45dde0cbeac
- SHA512
  
  359f56374a41821d8f894bbe0086fe4f34c3cae31f129efba4201fdecff1695890b069b8914d0198a4491d02e623aac50d05bc5d21d3cbbab7fdce0160c19573
- SSDEEP
  
  393216:FxTuuL2PddxuL2PdT6ieFM0+M4HBvSEuQRZPR:FBuuL2PddxuL2PdNL9lSEuQRZP
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer