General
-
Target
4c6a4865f91eb5b226c260ff5fe90dee53500bd58b7b4d122734b832f8b93873N.exe
-
Size
1.3MB
-
Sample
241231-h2tr1atnev
-
MD5
8ebe173ef15f3f077c14f0ac60221d30
-
SHA1
366be85692a300a27a79549350c314acf0bac2db
-
SHA256
4c6a4865f91eb5b226c260ff5fe90dee53500bd58b7b4d122734b832f8b93873
-
SHA512
8058484f9c472b43d29674a06cadf3c791f686ecbfac0c189fc1224aeb9c29f6e9be044e933bccc403e682758d8cab3a090e6d88d7328c8e6d0acee5f2cbb9fa
-
SSDEEP
24576:aE7Cf2MeIDYktoF8/vcipzlE6mnkOGCUOFm4dxT+YDhYDYZvRuxFt49CBa5OdQw:xCO71q/finkOGCE4dZ+YDhYDYZv0x74M
Static task
static1
Behavioral task
behavioral1
Sample
4c6a4865f91eb5b226c260ff5fe90dee53500bd58b7b4d122734b832f8b93873N.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
Targets
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-