General
Target: 5cca6a6746a3f3efc901b3eaa503f2e6.bin
Size: 1.0MB
Sample: 250107-bljhrsyqeq
MD5: de8ed1ad9e1878171f6cdd5ad760d095
SHA1: 228aba301d5bc15e8319c3f81f68cb0a36561289
SHA256: 92e1049f4c146715f6b14446b3e2c4febe04f963ab21adc22d5aeac6d7fe9673
SHA512: e38b90feddc10038886b87074e35407938510184d7c307750e7670f680df52f016f3c4452dcacae1ab8655d04beec2e2d650ef977d159d230df047fcfb90f991
SSDEEP: 24576:Ep4xN0ktks5wrONysf1IxX9GJNeuOf/fH1lVESaUE5vqNf1zWVZuK23afwj2+X:Ep4xNXHQaX18N2vOf/HUUAqjMF23M4X
Static task: static1
Behavioral task: behavioral1
Sample: 02a0853cbed6c7c556e4f9a62195568f2594cc3a5ef365214bc9289632b1cd51.exe
Resource: win7-20241010-en
Malware Config
Extracted
lumma
Targets
Target: 02a0853cbed6c7c556e4f9a62195568f2594cc3a5ef365214bc9289632b1cd51.exe
Size: 1.1MB
MD5: 5cca6a6746a3f3efc901b3eaa503f2e6
SHA1: 413e1738bad7dfb582bf325e99b77de497134d78
SHA256: 02a0853cbed6c7c556e4f9a62195568f2594cc3a5ef365214bc9289632b1cd51
SHA512: c29c0346167fbb8bc641c717dfbab38e0ed4263d085dfd83b50c557df2b7b3dd00a94097fb949046216c27df3732a126ee11b886c64c165afcbe327b1fc510d0
SSDEEP: 24576:tWHjlwZHgyeGKkTKZpbY+h7OhLC17zSIMFRBkPmrpyVY5N:clwRcQ05pt17zSIsE8pyVY5N
Lumma family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Enumerates processes with tasklist