General
-
Target
06d35992772281ea3f622f4427971f957fd0a842cb87a1cdea54e2697bf5d4e7.zip
-
Size
19.6MB
-
Sample
250102-cfw3caxldy
-
MD5
e573fa48eee29f58f98e198bad2b1459
-
SHA1
ea3f20e9d2a24b6e55c6484f7512a235ef24180e
-
SHA256
06d35992772281ea3f622f4427971f957fd0a842cb87a1cdea54e2697bf5d4e7
-
SHA512
9a5b10f99819ae6b3cefaaacef66d95b61fe0ce545acfab9369537a98233fd3edc7906d878396814686619bd05c0a14c973f77c83f49f0cfdeb679983207f078
-
SSDEEP
393216:L+T5TLKOdA7gG+520c9tSLuyvs/2xD6+CsLQah/oiH5KtGqyLt7Ybml6:yT57Wz+00WSKBOxD6+tRgiM8qyLt7YbZ
Static task
static1
Behavioral task
behavioral1
Sample
adobe_illustrator_2025_v29.1_(x64)_pre-cracked.exe
Resource
win7-20241010-en
Malware Config
Extracted
lumma
Targets
-
-
Target
adobe_illustrator_2025_v29.1_(x64)_pre-cracked.exe
-
Size
913.1MB
-
MD5
eb4c3ac3d9e180110caff98bafa7c98e
-
SHA1
b50b6850f9e7b0312ae89cb1c4ba49d3221604e4
-
SHA256
5097335b52a0946622914659e078a9a94b8026e71098e2351ec94fbad96d5caa
-
SHA512
fac63555a92e27b1727b301696138b8182142307d0d0496ce44a70ae68b8042e3cf15ad20835f398ff2dd231d99db1b5b70843a8a6cb752cdb6861aff9674359
-
SSDEEP
196608:vWjHxUa0MqC6FxRsd3334aDl4SDPpaQHVIyAONxKmfU0mZ+q7GtNzmJnqCm3GLxl:v+RUZfjGDuiIofdURuSnz7BdAkIa
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-