lumma | 2bc90adf8cb7bffb4cbe89edc61c8521033807272af39a22165a846db2efbd48 | Triage

Sharing

General

Target

2bc90adf8cb7bffb4cbe89edc61c8521033807272af39a22165a846db2efbd48.zip
Size

278KB
Sample

250107-aclq4atrgv
MD5

b0058bb24a6229cd18d4f9615695194b
SHA1

c7fb3730716ac7aad342b4394b2f8d1e839acf7e
SHA256

2bc90adf8cb7bffb4cbe89edc61c8521033807272af39a22165a846db2efbd48
SHA512

5f8ab390c3e3f6946e6c4ca478d18fd6d9428818c842c1c6962d51ffb47db10d5cd21c41da35d87b03635a7b95c41f8976631a25068aa79fa6a3ab01b57ababf
SSDEEP

6144:UTo3wGlRnBAAvU6mr84X1wcXoY0MkAYxG1eNjJ1SqP9h7Sxk:UTmwS1mAvq84XEtAxIN1d7r

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://healbewilk.cyou/api

Extracted

Family

lumma

C2

https://healbewilk.cyou/api

Targets

- Target
  
  cr.dll
- Size
  
  677KB
- MD5
  
  5af02569e27b0aedc942f9ccbd485903
- SHA1
  
  c894f99282c6fc8250736cd734371f8ff5da7c12
- SHA256
  
  2f8667a3c2ed16c66f3c01cfcd38c86b5529e48cf0942b0b6ebf6ddd3eec377f
- SHA512
  
  04c51c56e68af3d6af27543bf91c989f0e3780ba71a11209726688c23cd8155f1e6d0015f0ac59055a1d6ec8b3efa90ddcfa550251d6516136b41aa85fc09e02
- SSDEEP
  
  12288:UCyNJAPjd9/atFGFURqQmBH0srwuYO94ozaZBM:Ul6hsRmB1wN
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  gojeks.exe
- Size
  
  19KB
- MD5
  
  d61e2923cf1f7d34558a0d88ab50e63e
- SHA1
  
  2755b7a8938d7a2458c3e0a2e63cf03e4157fc1d
- SHA256
  
  50c4c91017a886b22dec27ca6703362bdbd7d7012b5512cd149059b5f638a922
- SHA512
  
  ba0e76bbd875db7ea1e4062ae93e5002e6a90fc05230dd40fa224db6a75c9ce47d0db99c27498f18adc89dbd66190d816d9c169fb985c7576ce1a651cf63410f
- SSDEEP
  
  384:xm/ZQOxEUQuYjLvzPXxMEuT1IihagCW9:xCQEELXK7T1IcGW9
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer