lumma | 173615f41fa2347c2e2b113b97a041ceac4e065ed31ce220ac12bf51948e63f6 | Triage

Sharing

General

Target

173615f41fa2347c2e2b113b97a041ceac4e065ed31ce220ac12bf51948e63f6.zip
Size

6.2MB
Sample

250107-ac9sxsvkgz
MD5

94a0641d50bd9685816a73a177bc7868
SHA1

8ef89aa4d6f0f19e50671f9eacd596636a879777
SHA256

173615f41fa2347c2e2b113b97a041ceac4e065ed31ce220ac12bf51948e63f6
SHA512

ee74af65f072d21ebdab35b0849c58fe2d9e340b38725e44f57956fa26dd1e28307dcfdf73e1953cbbbda6f269e1caa31efdc0acfb1039ccdc7dfa61cc9578e7
SSDEEP

98304:0Tx+XwEcv9ByHuMuAszQzB8DNm+sJt2DGBAEdL/rT29zJaiWZnvUTx87lNrCz:0TxIwp1Bg3szsum+sJbAEl3290lnlEz

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  stardock.start11-2.49.2.beta.exe
- Size
  
  785.5MB
- MD5
  
  8ab69f2524bc47a14a44890d9f112b1b
- SHA1
  
  e19531969d7f358dd364b3d02ae8d34ab0d857c6
- SHA256
  
  4cb3416beb6cd272453adc5d0142e8f169159170e0b9e4fad642906c7f8df3b1
- SHA512
  
  cc66c7778d2844ba9cb2ccfb6a6dcb2fec2ef05f0f7cb5b1c40a953bf27aa86b8c7865eb223008266dc6df5cae959400cbcf8150ac0891909d5a970a6d9a167d
- SSDEEP
  
  196608:T5DxYaW/IQhZDpxdG7xZWEpBAAZQ2uF9:T3WQQhZbdGbW6+dp
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer