lumma | 35ec326de52f4431aa71c1acde164922877db1eefcfe41b2b01c4f5363f98c9e | Triage

Submit
Reports

Overview

overview

Static

static

4

@#Pa$$w0rD...��#.7z

windows10-2004-x64

Sharing

General

Target

@#Pa$$w0rD__9098--PC_Set-Uᴘ# (9098).zip
Size

7.4MB
Sample

250102-fjse4strdx
MD5

af1b1f222483e080066af5a896d3e281
SHA1

3e76d71e7d15f74779caccfd08bb1df4e51073c5
SHA256

35ec326de52f4431aa71c1acde164922877db1eefcfe41b2b01c4f5363f98c9e
SHA512

a69709e3ec8c524c72842c0a801193eddfd5153ffd05112e354f91975ee7f0afb9adccf0d5bec4bdaa7fa8aa654fed64589477724a9711c759e910ca879bff0c
SSDEEP

196608:eQnbESTK9juv9+TNRgQf5+Bi2q0KWC+jI:eYb3KI+JO7Ij0Y

Score

10^/10

lumma discovery link pdf stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

@#Pa$$w0rD__9098--PC_Set-Uᴘ#.7z

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  @#Pa$$w0rD__9098--PC_Set-Uᴘ#.7z
- Size
  
  7.4MB
- MD5
  
  bc6c215d3cb7ad0034b5205d049ab961
- SHA1
  
  15408e82f63f0124e1f151e3b91b8638726767be
- SHA256
  
  6532f999140742ad17b2d814ae35d109a9ac70f6bd26302bcecef02ea1b47558
- SHA512
  
  62093cce2d17b91350d7e605eaaaa13007741d4b7ae363d3571e9f6160f95c0033f2cfd459a56eb7c0d681eb3a55f9b874e0f5311504ca28177fe7ec57ff2138
- SSDEEP
  
  196608:EQnbESTK9juv9+TNRgQf5+Bi2q0KWC+jA:EYb3KI+JO7Ij0w
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2025

Terms | Privacy