lumma | 91370a1ad29bacd8f98bfbc10dc8edf3efcc8d219a48a2ddd40ca3110c889df1 | Triage

Sharing

General

Target

mksnys.zip
Size

263KB
Sample

250107-gw2d8axqcy
MD5

8d7921cba4e410bb0450af4ebcb4674a
SHA1

afc47f03d7ff9684649fed84d109b15242dc0d48
SHA256

91370a1ad29bacd8f98bfbc10dc8edf3efcc8d219a48a2ddd40ca3110c889df1
SHA512

c290e04f01c62ab04e5e62679e62f2f71592786938a5fa40ca2e76572b043dfb05b89b04aee4d8139ab4e8c107c75bc5160d11f8cd0e1ac60745cd195b99f2c6
SSDEEP

6144:bU2QNgosePpsRxKItPhRhNhf3lLFrwrOo9jwPteCUalgth:7QNH+uKPh/1F8OGsPt5qX

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://parkywatter.cfd/api

Extracted

Family

lumma

C2

https://parkywatter.cfd/api

Targets

- Target
  
  cr.dll
- Size
  
  674KB
- MD5
  
  e4d17e5f97b7adc505ada4ed0b62f20a
- SHA1
  
  b523b44b849923ed2d6a29163e9b6660146b601c
- SHA256
  
  b5aab790bd318d30202bc34f895cc21c1b91485a2b49fcae3e9b2227c9edecfd
- SHA512
  
  9901414d2d00f12254d245d9858d30825f3db1e2868da87136508c2fb9507ce018d9d4c64365ac221c42f748bb4abd45cc1a153abe9f9662e0ffa43df14435d5
- SSDEEP
  
  6144:ShkN+UOV+nk1Bv0/SKxjtE/c7oalQ1UradWPtFiQriFV2rbwPJE76lJD4B+YTsUm:SyNi1B8F5Nln8QrgJDgCPYtUv8EJQ
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  kornkes.exe
- Size
  
  19KB
- MD5
  
  0ca288dd5dee603ef60a89a4d93bd5ef
- SHA1
  
  5cb75c3c0f97eb1aeb9c6e1bcf0ddb48b3c27388
- SHA256
  
  6555be0bfcea4072319928660df82543777be2e550cfd4d8e812de92f358ea48
- SHA512
  
  c62e7c0a9757dc4f67f901d32a558714119f00ce40250fd4077732ab6599275cb4ba96e8404428b1bbd235662da482c3b8539ae17941e3f500714da6bbc9739f
- SSDEEP
  
  192:vsB2RnYACSrbQAyUu5xuhTDQXHjLviaGDtYQEQXN3XOUTaU/RCszgAo:vZukbQ/UQuYjLvzGDVE0xXhaUJCWgAo
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

lummadiscoverystealer

behavioral4

lummadiscoverystealer