lumma | 66e6f6875a1bc0e6aef2be9b6f4577c8245ca3b4ead13a4e3f8d6e9248c03843 | Triage

Sharing

General

Target

66e6f6875a1bc0e6aef2be9b6f4577c8245ca3b4ead13a4e3f8d6e9248c03843.exe
Size

70.0MB
Sample

250108-c2p6xszqdx
MD5

9284c1e1be5769dc80792308a978330a
SHA1

4f4bc4ba852fc6e17e1621d69d16167add1ab138
SHA256

66e6f6875a1bc0e6aef2be9b6f4577c8245ca3b4ead13a4e3f8d6e9248c03843
SHA512

cbd834c2f8b92bf0fa51b0f7f0d76e1d609536c8a09cb0a39770b8af547d8979c8bc07eed23dff229363a3f1681997541eea743370fdbb8c50e9da6baebe79b6
SSDEEP

24576:JQobnzB8GlDWZzHXrRls6j4+CM+lFkDHZ0vtQ34nS/DWHOk0L:beRHRaamvyJUDg

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://beattalkerz.cyou/api

Extracted

Family

lumma

C2

https://beattalkerz.cyou/api

Targets

- Target
  
  66e6f6875a1bc0e6aef2be9b6f4577c8245ca3b4ead13a4e3f8d6e9248c03843.exe
- Size
  
  70.0MB
- MD5
  
  9284c1e1be5769dc80792308a978330a
- SHA1
  
  4f4bc4ba852fc6e17e1621d69d16167add1ab138
- SHA256
  
  66e6f6875a1bc0e6aef2be9b6f4577c8245ca3b4ead13a4e3f8d6e9248c03843
- SHA512
  
  cbd834c2f8b92bf0fa51b0f7f0d76e1d609536c8a09cb0a39770b8af547d8979c8bc07eed23dff229363a3f1681997541eea743370fdbb8c50e9da6baebe79b6
- SSDEEP
  
  24576:JQobnzB8GlDWZzHXrRls6j4+CM+lFkDHZ0vtQ34nS/DWHOk0L:beRHRaamvyJUDg
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer