lumma | 96e5d7a5999c312298ac0b92d004af50f9657590e364674badedb7811132af33 | Triage

Sharing

General

Target

96e5d7a5999c312298ac0b92d004af50f9657590e364674badedb7811132af33.zip
Size

296KB
Sample

241230-cz7cesvmgt
MD5

a0ee2536a8579e5d7d78bb7171a2f7d4
SHA1

cf988c21ee9cc156a9377cf98e44064331d66351
SHA256

96e5d7a5999c312298ac0b92d004af50f9657590e364674badedb7811132af33
SHA512

b2c1b121afd9e77d4a18c6991cc1ccd7c7adff87e952e302c2d4e64716b24897d146c77b5df3245855d68dd4063ba8b3c77e23d2d63f9d23be83caf66032eea8
SSDEEP

6144:UgOIpLxubRNhYuRWzICACz9WQxnd0nffp2o5QIDXXpKq1fjI4a2rBjY:UgOU+RUAtCxZNwQSJX1rI7c1Y

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://hummskitnj.buzz/api

https://cashfuzysao.buzz/api

https://appliacnesot.buzz/api

https://screwamusresz.buzz/api

https://inherineau.buzz/api

https://scentniej.buzz/api

https://rebuildeso.buzz/api

https://prisonyfork.buzz/api

Targets

- Target
  
  cr.dll
- Size
  
  650KB
- MD5
  
  f8e79ec1eb270e97e28caa8b67172aa0
- SHA1
  
  f97d098cf0cf71986d677df2f860c98946239f65
- SHA256
  
  62e5697175a4e4db11a19327bf1fbcef4924043c0bb5f8141181a26e1dc455ef
- SHA512
  
  acc379d878f993d8258f32b3e54edb0b9e0651f8d9669063245aa9b7d1c4dae4afcd682fcc755c860a7e559f7551bea0c624ff0e5a7a4246187bb812400f41b2
- SSDEEP
  
  12288:CmO5jkVuhREczKkBHbj6gAvLaatYd8clylJvNoAepD:DswVCzKkBHRYeatY5KduD
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  ronwod.exe
- Size
  
  28KB
- MD5
  
  20bc022e4e3ae8fca3d01ada3d5db2ba
- SHA1
  
  a464f961e1590806b8456e5c67fc099ca42231b5
- SHA256
  
  18fef0139796258b4d110e92d644cdb74e6b778542ed80a06f5280a1dd759bd7
- SHA512
  
  aeb7408d2468e5753acb096b944faf4328e69de1ce9a8b03b43e5bec7bc00b1eeb40928d49d7b89bce8f2f020a123ba096c0aae1e8acf41673b7509cd71d27c6
- SSDEEP
  
  384:HFWq89uULS5TKs8xQdEkLpS68oaCTyM25hLEWLkUyKZrXzOosMxoOJaqy2CWo:H0N9uoS5TKsY7oRyrLEWLkFoDJreW
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer