lumma | 5f48c49a076ce47c99701ffc6923f70f2e2992d4d8f250ee033f268feb1347be | Triage

Sharing

General

Target

BoostrapperX64.exe
Size

1.1MB
Sample

250103-qnwnfaypfn
MD5

7ceaf5f580f8c1de0abd2155e23fabd3
SHA1

23b87f5c240953a9f1cd3091db9dd15c3035526a
SHA256

5f48c49a076ce47c99701ffc6923f70f2e2992d4d8f250ee033f268feb1347be
SHA512

6ac89ab1be1e929783bf3561c6048185bf551599939c4e42e7a785a68b7aa3a4053313edb878a78d4af8e2efee0c2a33251f27a818e2edf369e8fdf3e1e6c6fa
SSDEEP

24576:HTaE1KGZIg8ji3ZvXwz1TkZ6eVRLw5dpVq2CBWIKPR6:zasKGCPMfg14/G5dDk8IKJ6

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://hummskitnj.buzz/api

https://cashfuzysao.buzz/api

https://appliacnesot.buzz/api

https://screwamusresz.buzz/api

https://inherineau.buzz/api

https://scentniej.buzz/api

https://rebuildeso.buzz/api

https://prisonyfork.buzz/api

https://begguinnerz.biz/api

Extracted

Family

lumma

C2

https://begguinnerz.biz/api

Targets

- Target
  
  BoostrapperX64.exe
- Size
  
  1.1MB
- MD5
  
  7ceaf5f580f8c1de0abd2155e23fabd3
- SHA1
  
  23b87f5c240953a9f1cd3091db9dd15c3035526a
- SHA256
  
  5f48c49a076ce47c99701ffc6923f70f2e2992d4d8f250ee033f268feb1347be
- SHA512
  
  6ac89ab1be1e929783bf3561c6048185bf551599939c4e42e7a785a68b7aa3a4053313edb878a78d4af8e2efee0c2a33251f27a818e2edf369e8fdf3e1e6c6fa
- SSDEEP
  
  24576:HTaE1KGZIg8ji3ZvXwz1TkZ6eVRLw5dpVq2CBWIKPR6:zasKGCPMfg14/G5dDk8IKJ6
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer