lumma | 5f28bb44e92716093cfd622e55e57d233036720a2f5de89e0851acc5735562e7 | Triage

Submit
Reports

Overview

overview

Static

static

3

the tourna...ck.exe

windows10-2004-x64

Sharing

General

Target

The Tournament Director Version 3.1.1 Crack.7z
Size

4.2MB
Sample

241126-x997aasmgj
MD5

21eb9615f20edecdb612e9f091c83de9
SHA1

c0dc63c0206c8ef8f313c84977499a3e0db7ff4c
SHA256

5f28bb44e92716093cfd622e55e57d233036720a2f5de89e0851acc5735562e7
SHA512

b65cfd23da69673165e0058e60442386248645581fe42203dfa31305d1c3ed1fda3a235c6bff72963d0dce4ccce8a58c4bafbf87cfea261107b4a789d2fb6a92
SSDEEP

98304:toGmVlNm+ubPy6i+EZQeJzkXyys3/NWyZ4OenPApHz7p5ZPX8W:t2TEKtY8VVCAHZ5Jz

Score

10^/10

lumma discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

the tournament director version 3.1.1 crack.exe

Resource

win10v2004-20241007-fr

lumma discovery stealer

windows10-2004-x64

25 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://river-stone.shop/api

Extracted

Family

lumma

C2

https://river-stone.shop/api

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

https://disobey-curly.sbs/api

https://motion-treesz.sbs/api

https://powerful-avoids.sbs/api

Targets

- Target
  
  the tournament director version 3.1.1 crack.exe
- Size
  
  778.0MB
- MD5
  
  5946da8791ac74867041b8c0379f9fb7
- SHA1
  
  76da237fd15652c8143847b922c328174789df4a
- SHA256
  
  bcc3a6f639ebc32af1545031a90592a0ed55225032fceabde5f4bf1cabc38a85
- SHA512
  
  59b4e45a88f58fe945032675dbabec694a0f40648bb8e4e27b833dc3d7f09cdbcb2509530c94db216e528b68e16190bd9b17c57841f4db9ff5cb551e23fc306a
- SSDEEP
  
  393216:URyyQeEuQRZPJiFA1r2LuLH5icSWDFInCl:UBQeEuQRZPJiFYr2uLHsoFICl
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2025

Terms | Privacy