lumma | dbe392c4825cba4fe8ecf19800338617bb17abc9a2ad75076bbc07149202b223 | Triage

Sharing

General

Target

dbe392c4825cba4fe8ecf19800338617bb17abc9a2ad75076bbc07149202b223.zip
Size

19.7MB
Sample

241230-f7aj7szlbp
MD5

95b70565f0021866e8e8fa090b4027eb
SHA1

2eb4d2f1dfbc07a6c6560e70bd27caf6d2c8c8db
SHA256

dbe392c4825cba4fe8ecf19800338617bb17abc9a2ad75076bbc07149202b223
SHA512

7755072240773cc9914ba50431213b794f850e0cb3026a442a6c699f2b96b627598828520c55663bd0175869b37f4a1dbb8a7bdc1c6f2f4a942ed0047f7c355f
SSDEEP

393216:KOmfhjG1JVJqfGiuDqc3Mk9DgLfs6Gt+F9Rxnh6645g:fmfRGnVC9u+jWz6g+1xnh664m

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://servicedny.site/api

https://authorisev.site/api

https://faulteyotk.site/api

https://dilemmadu.site/api

https://contemteny.site/api

https://goalyfeastz.site/api

https://opposezmny.site/api

https://seallysl.site/api

https://studentyjw.cyou/api

Targets

- Target
  
  photodex proshow producer 4.5.2929 serial key/photodex proshow producer 4.5.2929 serial key/photodex proshow producer 4.5.2929 serial key.exe
- Size
  
  878.1MB
- MD5
  
  f2997e8198f84cfba4a010e8680a466f
- SHA1
  
  e9dda0c3aac55d5c65b29baf238ca9b368f7fe18
- SHA256
  
  edad74c09bcbbf85550b2f086513209977d652f5b10595472e37f3336dcdc43d
- SHA512
  
  5a965f2482f0496949ab95208096059f477b6d3ae6124fe7f3899d5011938bfbf4fcaff2aa8b4cefe026067b97d925c3776b9ea4c13da19d205d0028970e827a
- SSDEEP
  
  786432:UU+JnnGfysJvHxNjP2FYS5jq5GY1mTssCpEiBsw9gQhjOZUXKNg5oBVg:U+fyyHxNjPS5+5GFCp7oBVg
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer