lumma | 458bea34eadc7f3901639e4a00146257a48decd88b6c6d93fe498a7b9e5cae51 | Triage

Sharing

General

Target

458bea34eadc7f3901639e4a00146257a48decd88b6c6d93fe498a7b9e5cae51.zip
Size

22.5MB
Sample

241230-f7h7cazlen
MD5

79e2cf1a02dec029efeb3b0f253ea32e
SHA1

65ed4156ded09334c25b0cfd235268b5330cd6f5
SHA256

458bea34eadc7f3901639e4a00146257a48decd88b6c6d93fe498a7b9e5cae51
SHA512

dc0f310fe18232502bf243091b453e4bbd5cdf13782d8b7bec72de6a8bcadd1be3e3a93ccd5b4e7337a4f0f5c9ccf06101282b6a61579379817f03ce8f18d455
SSDEEP

393216:ckxQS/dWu7s9QJ5q72ReVkMqQunhyccWsfCyUlCVIbhuNs/fOSpJLWdJry0G4:cuQSFWuBkmWqQY3cRfCv0SfxJLWfxG4

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://drawwyobstacw.sbs/api

https://condifendteu.sbs/api

https://ehticsprocw.sbs/api

https://vennurviot.sbs/api

https://resinedyw.sbs/api

https://enlargkiw.sbs/api

https://allocatinow.sbs/api

https://mathcucom.sbs/api

https://ensuderowmn.biz/api

Targets

- Target
  
  Roarland_Setup.exe
- Size
  
  689.9MB
- MD5
  
  fd73cdaf9630ac3a86320de4d831d994
- SHA1
  
  e03a791836dbf283fbc47e257c9aa8ec8d26f0a6
- SHA256
  
  450fb432284ba2ee08c2cb3464286aaee9826fc23b1bfe72d7731c6aced05cb6
- SHA512
  
  b10a3217e73eed2851b2ac071f47f76d5e86cd21d7b9e1565b0a3d0e2d82bd9983cb91fec6008306811d2af35d453363962f377dc2a53d57e625568bc1330a12
- SSDEEP
  
  196608:eUWlPBFhD0f4P43aWKbFFM6oFPGMTjctr47i+tsYGC0t1JCbfJmYLTXzGf48o1cY:qPBFhD0f4P4t+FFMLnjcC7i+tk
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer