General

  • Target

    Full-Ver_Setup.exe

  • Size

    70.0MB

  • Sample

    250110-1dhnyaykfz

  • MD5

    251ea82a4f4d958152742a38394b0229

  • SHA1

    5413b0c97b91b5078595bc1e445461e84020ec63

  • SHA256

    f3c95a22bccc513a28a86589db4049d0804f5bfcb3494f3502c85fc37ded7493

  • SHA512

    b8bf2ed9d2c6d294a07b1253f67c03a08d60016fb73394f810842de575821c8b8b998c0835e73b79b008a72f8bbc653fa769bf8d15006a427ede2d123845af6f

  • SSDEEP

    24576:KBtdvgIn+hGDeXZ0sMVHMuJxu2MHZFkpqnrOId+3x3:WgIn+hGDouZxu2MHZu/IA3x3

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://homelessdejs.cyou/api

https://fraggielek.biz/api

https://grandiouseziu.biz/api

https://littlenotii.biz/api

https://marketlumpe.biz/api

https://nuttyshopr.biz/api

https://punishzement.biz/api

https://spookycappy.biz/api

https://truculengisau.biz/api

Targets

    • Target

      Full-Ver_Setup.exe

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15
