lumma | aefc0d264a6726fbbcfbb68385412b83d9928f0527813c543cb4f90d4920e419 | Triage

Submit
Reports

Overview

overview

Static

static

3

Software.zip

windows10-2004-x64

Sharing

General

Target

Software.zip
Size

908KB
Sample

250106-l7r25stndz
MD5

6f676d2be92f94716a4be2b2b5f6392d
SHA1

2e9a27380b2ecd17729ba0b61bbd35d26952a3f7
SHA256

aefc0d264a6726fbbcfbb68385412b83d9928f0527813c543cb4f90d4920e419
SHA512

2b0911894b54245f9f9ddee3a2f1a06d9066031d0aef6f52baa0addcb165f42d2d0627235bcc6f79f29b144960357cbdbb2b43dccbab1a849551773c3cbbd788
SSDEEP

12288:5TyZHcK0Ty2wv8s7/mj/73RaLHIW5BmUeUhoE4RgiF1q1bPIBKsg4Db0S1:5GZWTpwkc/u/7IoRnUKfq1Dl4DYk

Score

10^/10

lumma discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Software.zip

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

18 signatures

900 seconds

Malware Config

Extracted

Family

lumma

C2

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

Targets

- Target
  
  Software.zip
- Size
  
  908KB
- MD5
  
  6f676d2be92f94716a4be2b2b5f6392d
- SHA1
  
  2e9a27380b2ecd17729ba0b61bbd35d26952a3f7
- SHA256
  
  aefc0d264a6726fbbcfbb68385412b83d9928f0527813c543cb4f90d4920e419
- SHA512
  
  2b0911894b54245f9f9ddee3a2f1a06d9066031d0aef6f52baa0addcb165f42d2d0627235bcc6f79f29b144960357cbdbb2b43dccbab1a849551773c3cbbd788
- SSDEEP
  
  12288:5TyZHcK0Ty2wv8s7/mj/73RaLHIW5BmUeUhoE4RgiF1q1bPIBKsg4Db0S1:5GZWTpwkc/u/7IoRnUKfq1Dl4DYk
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2025

Terms | Privacy