General

  • Target: a680c40617faa1f6d1350cb2377f5f26072daa20a69b01950451c6f78a54591a.zip

  • Size: 5.9MB

  • Sample: 250107-ace9batrb1

  • MD5: 007c29c6894de58c5078af9e8c6013e7

  • SHA1: 980c1f9667ff4b41c5e34964a4259125fd15b2ab

  • SHA256: a680c40617faa1f6d1350cb2377f5f26072daa20a69b01950451c6f78a54591a

  • SHA512: f9a01d1827cc4c4739accf397a1ea0502218a462e575d244289f62e5165f97eaf6f775f13b8d41d23205dc1ecbfd184fda4b0b6e8fd7abe5ebdcf34de3c2aabe

  • SSDEEP: 98304:upSucSSlowSPW0V5H3Q6ZxG8nvYSIdkIR/+cT3ei:upjMlNSPLVp/bG8wS1O/dT3ei

Score: 10/10

Malware Config

Extracted

Family: lumma

C2:

  • https://cloudewahsj.shop/api

  • https://rabidcowse.shop/api

  • https://noisycuttej.shop/api

  • https://tirepublicerj.shop/api

  • https://framekgirus.shop/api

  • https://wholersorie.shop/api

  • https://abruptyopsn.shop/api

  • https://nearycrepso.shop/api

Targets

    • Target: file.exe

    • Size: 795.2MB

    • MD5: 06d31a0e09119a26dfc3df958468b66e

    • SHA1: 10238554859c74de4db2169d38f2ae51617eefc9

    • SHA256: c55eb32f3f2f47af5cab4906e0f072c2a12cd7e096dea61db861490aa0c9209f

    • SHA512: 78ba6bb5d12fb88b547bdcb5f7facc9ddc5c52f19d3e68f1c5283e0f3adb8ffebcb3491162c97582c9511ee188b7b15976438b40eb731161a4a25c368e617c23

    • SSDEEP: 196608:EdNwzizg++iZuLVwzvalSpNDDDR81dyuB/ogO:tRikLyoSnDD+dTBO

    Score: 10/10

    Signatures
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks