lumma | 8b67b119428fa8b7e69799c40e2bb6e2c30b583e1ec9e659996ae5102373c2f9 | Triage

Sharing

General

Target

8b67b119428fa8b7e69799c40e2bb6e2c30b583e1ec9e659996ae5102373c2f9.zip
Size

4.3MB
Sample

250107-ac94pavkg1
MD5

172703b4d1568e27c679eeaf1dbe296d
SHA1

8ef4d3c9b8c374ade17a016b0b5b3fed6e87325f
SHA256

8b67b119428fa8b7e69799c40e2bb6e2c30b583e1ec9e659996ae5102373c2f9
SHA512

d0a47422110f348df2427eb898e42e7b2d8020cb2ec8529d8eeff812a3d82f16ff7decae15207c4006ea7d01ee6757a091c6210ff1844d88206f295d5e69d627
SSDEEP

98304:9mIfpVsOzDuGpBGba71EABhPU99iiwzFZFLfLV/:RhVfX7pB+PihPUtwzFLfLN

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  stardock.start11-2.49.2.beta.exe
- Size
  
  785.5MB
- MD5
  
  8ab69f2524bc47a14a44890d9f112b1b
- SHA1
  
  e19531969d7f358dd364b3d02ae8d34ab0d857c6
- SHA256
  
  4cb3416beb6cd272453adc5d0142e8f169159170e0b9e4fad642906c7f8df3b1
- SHA512
  
  cc66c7778d2844ba9cb2ccfb6a6dcb2fec2ef05f0f7cb5b1c40a953bf27aa86b8c7865eb223008266dc6df5cae959400cbcf8150ac0891909d5a970a6d9a167d
- SSDEEP
  
  196608:T5DxYaW/IQhZDpxdG7xZWEpBAAZQ2uF9:T3WQQhZbdGbW6+dp
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer