lumma | 2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...7c.exe

windows7-x64

JaffaCakes...7c.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c
Size

689.0MB
Sample

241230-vreljszrhm
MD5

3360b0df3f7e0f6a2a0c44f1f22d7fe5
SHA1

b3726ba86f1b05d8955df3ca488036591e5b255c
SHA256

2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c
SHA512

10a8e2891f376f5e028449879db9f237cd0952620332565d2ef19670fcbcbb51c55b086026c7c7880f176c1a92fe8cb9cc4fddbfb85e76fdb5a91e6e14aa534d
SSDEEP

24576:2mI2o2pTKK50KKgv9O3NjYBWdtGTkyuGedY:gIFKYc3RY0yTkIeu

Score

10^/10

lumma discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c.exe

Resource

win7-20241010-en

lumma discovery spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c.exe

Resource

win10v2004-20241007-en

lumma discovery spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

82.118.23.50

Targets

- Target
  
  JaffaCakes118_2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c
- Size
  
  689.0MB
- MD5
  
  3360b0df3f7e0f6a2a0c44f1f22d7fe5
- SHA1
  
  b3726ba86f1b05d8955df3ca488036591e5b255c
- SHA256
  
  2adc5e3648a7701933af6854b3f1a58fffaafcce15d04066e45db675f209ec7c
- SHA512
  
  10a8e2891f376f5e028449879db9f237cd0952620332565d2ef19670fcbcbb51c55b086026c7c7880f176c1a92fe8cb9cc4fddbfb85e76fdb5a91e6e14aa534d
- SSDEEP
  
  24576:2mI2o2pTKK50KKgv9O3NjYBWdtGTkyuGedY:gIFKYc3RY0yTkIeu
Score

10^/10

lumma discovery spyware stealer
- Detect Lumma Stealer payload V2
- Detect Lumma Stealer payload V4
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoveryspywarestealer

behavioral2

lummadiscoveryspywarestealer

© 2018-2025

Terms | Privacy