General
-
Target
fb95fc66166b36ecf9f23bb34b29965e92827c16fe51ca69cc5389eb3898b2e3.exe
-
Size
1.0MB
-
Sample
241230-dez82swkgv
-
MD5
8850838982a2e4f34598328ed33a3cda
-
SHA1
1c36e904ea837c571ff55e19a58a1d30f25858d2
-
SHA256
fb95fc66166b36ecf9f23bb34b29965e92827c16fe51ca69cc5389eb3898b2e3
-
SHA512
fdaa2634ac288ac4659dd591442cf57608a145badac21707acdc077fbd408645de8c79342295da730c279d50049c0c2e005c69e44411ba3c5c95a05aac8355c1
-
SSDEEP
24576:BBeubeAjXoVLH9ZToeUWXkhnY6Fd3+HjnZiTSu+:nLefVH9ZT+WX03GDZiTT+
Static task
static1
Behavioral task
behavioral1
Sample
fb95fc66166b36ecf9f23bb34b29965e92827c16fe51ca69cc5389eb3898b2e3.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
Targets
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-