lumma | 6e9c872917def263d5e097fe5b2110c76ad72f5d6e87326a4d74ddcdb743ee36 | Triage

Resubmissions

31-12-2024 02:58

241231-dgl47s1kdp 10

31-12-2024 02:41

241231-c6g14ssrct 7

Sharing

General

Target

Release-x86.zip
Size

22.8MB
Sample

241231-dgl47s1kdp
MD5

b702a938e2a59d94589f56643c6bcb97
SHA1

19948646f03568dff602218f966fa35591b11fbd
SHA256

6e9c872917def263d5e097fe5b2110c76ad72f5d6e87326a4d74ddcdb743ee36
SHA512

30500ccfec193a6ee9318cb67cee0e5e169c12dccd3f5d7df9983a2088a9317660fa8a9383df39d1e0b2a49db975fe915daa549459bc1ab98cad7eb8eb7b6b38
SSDEEP

393216:tDUC27fkAw2eSfr+zWRY/OGAD3XvrZXtX0ptC7Ye80AT4uCVucOEkAQa1dUI:tDZ27s729GhALv/kptC7YkAk5VuXEkA/

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  Release-x86.zip
- Size
  
  22.8MB
- MD5
  
  b702a938e2a59d94589f56643c6bcb97
- SHA1
  
  19948646f03568dff602218f966fa35591b11fbd
- SHA256
  
  6e9c872917def263d5e097fe5b2110c76ad72f5d6e87326a4d74ddcdb743ee36
- SHA512
  
  30500ccfec193a6ee9318cb67cee0e5e169c12dccd3f5d7df9983a2088a9317660fa8a9383df39d1e0b2a49db975fe915daa549459bc1ab98cad7eb8eb7b6b38
- SSDEEP
  
  393216:tDUC27fkAw2eSfr+zWRY/OGAD3XvrZXtX0ptC7Ye80AT4uCVucOEkAQa1dUI:tDZ27s729GhALv/kptC7YkAk5VuXEkA/
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2