General

  • Target

    Setup.exe

  • Size

    70.0MB

  • Sample

    250110-1e24zaylds

  • MD5

    6d9439c5afd2cb8deeb2bd71a93e7828

  • SHA1

    392ffe0569edd73a17f33a95b1aa780aa03903c6

  • SHA256

    61c2f08d40d9d6d4a8bb4cc109ae7489c0dd263739898f90f67df75c414bea15

  • SHA512

    dde7c930427a85c18c21fcfb5d53c800b6bba2b79bf5058afd75b7119d419953194a0e32383ab3267b24823fcdd9129003f37058cad90518cee256460ba3f428

  • SSDEEP

    24576:Ytduzei3c4w+MTFpkqcsv2qBa7tsp0Lclw4BrlRHu:Sni3c4kHkNsv2H7SpOIrBrlRHu

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks