General

  • Target

    4913867e3bd290b09f3a8bb89d62b7a9598ffc0a70fe380e99f84029bdc7c539.zip

  • Size

    4.8MB

  • Sample

    250107-ac8wmawrbp

  • MD5

    82a298310206e4b0872dc97a180c2aaa

  • SHA1

    4f5d0f0cfc4f5f103d7d8692cd56020d3c73e0c0

  • SHA256

    4913867e3bd290b09f3a8bb89d62b7a9598ffc0a70fe380e99f84029bdc7c539

  • SHA512

    dbe0d8b8c1eaf5f937d6848f62202b35f739954d6233a11314a7c857e9ae4843b096a75d3c86683206c6b27e9e3113fb684d54c082d091a11ae0ddc639b94fb6

  • SSDEEP

    24576:1ASu7WyS05PesPGiAtMl3wRQiPHtWCDiVE3fgnfdmXcjq:5i9S05msP2L9PdiVEYnwMjq

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api
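The eight C2 URLs above are the most directly actionable indicators on this page: they share the pattern of a throwaway `.shop` domain with an `/api` endpoint. The block below is an added example, not part of the sandbox report or the Lumma sample, showing how to turn that list into a host-based match over web-proxy logs. The log lines and the simple `timestamp client method url status` format are constructed here for illustration; the matching is done on the hostname, so subdomains of a listed C2 domain are caught while look-alike domains that merely end in the same string are not.

```python
"""Match web-proxy log lines against the Lumma C2 URLs listed in this report.

Added example; the log format and sample lines are constructed, not taken
from the sandbox run.
"""
import re
from urllib.parse import urlsplit

# C2 URLs exactly as extracted in the report above.
C2_URLS = [
    "https://cloudewahsj.shop/api",
    "https://rabidcowse.shop/api",
    "https://noisycuttej.shop/api",
    "https://tirepublicerj.shop/api",
    "https://framekgirus.shop/api",
    "https://wholersorie.shop/api",
    "https://abruptyopsn.shop/api",
    "https://nearycrepso.shop/api",
]


def c2_hosts(urls):
    """Return the set of lower-cased hostnames from a list of C2 URLs."""
    return {urlsplit(u).hostname.lower() for u in urls}


def host_matches(host, iocs):
    """True if host equals an IOC domain or is a subdomain of one.

    'update.nearycrepso.shop' matches; 'notnearycrepso.shop' does not,
    because the comparison requires a dot boundary before the IOC.
    """
    host = host.lower().rstrip(".")
    return any(host == ioc or host.endswith("." + ioc) for ioc in iocs)


# Constructed sample proxy log (assumed format: ts client method url status).
SAMPLE_LOG = """\
1736200000.123 10.0.0.15 POST https://cloudewahsj.shop/api 200
1736200001.456 10.0.0.15 GET https://www.example.com/ 200
1736200002.789 10.0.0.22 POST https://RABIDCOWSE.shop/api 200
1736200003.001 10.0.0.22 GET https://update.nearycrepso.shop/api 404
1736200004.002 10.0.0.31 GET https://notnearycrepso.shop/api 200
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<status>\d+)$"
)


def find_c2_hits(log_text, urls=C2_URLS):
    """Return (client, url) for every parsable line whose host is a Lumma C2 domain."""
    iocs = c2_hosts(urls)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        host = urlsplit(m["url"]).hostname  # .hostname is already lower-cased
        if host and host_matches(host, iocs):
            hits.append((m["client"], m["url"]))
    return hits


if __name__ == "__main__":
    for client, url in find_c2_hits(SAMPLE_LOG):
        print(f"lumma C2 contact: {client} -> {url}")
```

Matching on the host rather than the full URL is deliberate: Lumma operators rotate paths and these domains have no legitimate use, so any contact is worth an alert. The `status` field is captured but not filtered on, since a 404 from a dead C2 domain (as in the fourth sample line) still identifies an infected client.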

Targets

    • Target

      Set-up.exe

    • Size

      920.0MB

    • MD5

      8aa72f80525d5810e676847da7a4b67b

    • SHA1

      4231f39fec8fb4073dd3ac49620a9150bd5ec355

    • SHA256

      6a7124b5dfd59ab9809bb7f297b0a560f92cbe3730ad2e9ea6bfae9944a6246a

    • SHA512

      5e02a86bc63d89795aeef7b13effcc0aeca1166a2c14b10f4d7e582414c3bf4d70f29503ab18b7ad628b78215fde278006380b38df4697661821cb6cf0a8318e

    • SSDEEP

      24576:kjuSUb3uYP4mAtUl3qRWYP9ZoiD25EhxcnpLmtG3:LSUbeYPwD1Pt25EcnME3

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks