lumma | cfef95129d9fd21cf9fdec5d1332cde09a7eb16144edf7867c0b398d5f67b036 | Triage

Sharing

General

Target

cfef95129d9fd21cf9fdec5d1332cde09a7eb16144edf7867c0b398d5f67b036.exe
Size

70.0MB
Sample

241230-c9aq7svrb1
MD5

c6f709a40a7d35051ee49ad1e367df65
SHA1

da1b6b9d9471644dc2ff198a4f392c374d4508bb
SHA256

cfef95129d9fd21cf9fdec5d1332cde09a7eb16144edf7867c0b398d5f67b036
SHA512

e514fc4f73b7f4b8ec70f3ef7e671a5f2823a1a3fd935aaddb13a67c216775f3a4eba2d1677cc6382a49af9ae806bdafaa2e3bcb863d1f2a0f4533df2a99dcdf
SSDEEP

24576:7r05zRihIi9rQbAVBsEnaUb9FsryJgMW89sUbx2mwY6:v0cOi9kbAVBsIaUb9FQkW8umAmo

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://hummskitnj.buzz/api

https://cashfuzysao.buzz/api

https://appliacnesot.buzz/api

https://screwamusresz.buzz/api

https://inherineau.buzz/api

https://scentniej.buzz/api

https://rebuildeso.buzz/api

https://prisonyfork.buzz/api

Targets

- Target
  
  cfef95129d9fd21cf9fdec5d1332cde09a7eb16144edf7867c0b398d5f67b036.exe
- Size
  
  70.0MB
- MD5
  
  c6f709a40a7d35051ee49ad1e367df65
- SHA1
  
  da1b6b9d9471644dc2ff198a4f392c374d4508bb
- SHA256
  
  cfef95129d9fd21cf9fdec5d1332cde09a7eb16144edf7867c0b398d5f67b036
- SHA512
  
  e514fc4f73b7f4b8ec70f3ef7e671a5f2823a1a3fd935aaddb13a67c216775f3a4eba2d1677cc6382a49af9ae806bdafaa2e3bcb863d1f2a0f4533df2a99dcdf
- SSDEEP
  
  24576:7r05zRihIi9rQbAVBsEnaUb9FsryJgMW89sUbx2mwY6:v0cOi9kbAVBsIaUb9FQkW8umAmo
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer