lumma | 97680e3767fd78d51dc5eb033c0d56297e738b41b98040f5b2e2c30eee2754c4 | Triage

Sharing

General

Target

97680e3767fd78d51dc5eb033c0d56297e738b41b98040f5b2e2c30eee2754c4.zip
Size

9.4MB
Sample

250107-ac9g6avkgy
MD5

c1a5ca54e61b1a6d1e82b0c648dbc08b
SHA1

d9064b135e0dd2355995e1d99dd12881b9c036ff
SHA256

97680e3767fd78d51dc5eb033c0d56297e738b41b98040f5b2e2c30eee2754c4
SHA512

e7852ec4eaaad5084015cabf548293216263e57f6f3480d4e9b634ca07ead8e5ee80f4ea35c1b01891ba73bb3d5f8f16ec10d57bc477ed2efb80bef874268154
SSDEEP

196608:/EOJuaveKE+fZX1rbAEsDvMBGdQK7/Gm8t3LrDEDYrKObglL:savbxFrbXGx4tzWYXsJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  wilcom embroidery studio e2.0 with crack.exe
- Size
  
  835.5MB
- MD5
  
  951d3153474d94b495fe161160a37d8a
- SHA1
  
  93822e6e5d0913f5882ac7b095717ddb30f1d758
- SHA256
  
  dbda28a86f42e030a6dd89ede4227342bbb4a3b0a174f33ce1ff66a1359507cb
- SHA512
  
  7cc839168f8f760d91f5f647612f7ecf4e7b39876acf44731ec1ca02bb90e4cc784c8d734147560d39b9e55c80c26d8b9642aaceacd36e9ff74139bf6797daab
- SSDEEP
  
  393216:c3WtnQhZzH0a/mbrYX8Rnd2ftzlHBLmjTb5RY8cja/T8NNNNNNo9O+:AXLT
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer