General
-
Target
718cd3f9c7af9f5d66be359a52d591fa.bin
-
Size
1.3MB
-
Sample
250107-bp88laxkhy
-
MD5
759164dfa7a650f64003ed052aac4d01
-
SHA1
fa318b423709fb6e8923e7d1e0d821c11f453e8b
-
SHA256
a3339a10ad277af0c000d326b1efc3428a460b8011261a0dc9f748a227859f3c
-
SHA512
f084d9bf4d480123e98d82d21e8391e44a208381b27f6a72ed127d12e6f85f0fcc6518be9a37f4fba13685ec2b2ff5215af3ea36f16ff6db9fd092889e41fe48
-
SSDEEP
24576:lQFhJnf/Jwx2Hm0XsWVshyGWqlWE9pfRfkgtcgzJaCqy+Tueuk5Ye:lm/JO2Hm0sosgqQE7+Ucgzhn6ukh
Static task
static1
Behavioral task
behavioral1
Sample
522a7e03226188d88442e28eced425f155642961823eb06bead1ddabab431e5d.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
Targets
-
-
Target
522a7e03226188d88442e28eced425f155642961823eb06bead1ddabab431e5d.exe
-
Size
70.0MB
-
MD5
718cd3f9c7af9f5d66be359a52d591fa
-
SHA1
67e5a80879cc7e6ee2929fb54d1482d9aa5ac53d
-
SHA256
522a7e03226188d88442e28eced425f155642961823eb06bead1ddabab431e5d
-
SHA512
d36b5e3be074a4738c7299f074deca97dad04824e15a9b949657038d0d0c50c9b54824d2865dd5ecd5423dae083406d1b30e127383a1114b7eb3c1786d157ced
-
SSDEEP
24576:rD2ewUShGJHB3wws/zxDuL13EPe86Wsm04tRlJ1/K1fk2UQtNySW3Mb3g3:PShGNJwwyzKEPeLUnJ1ykxSWcb3g3
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-