lumma | 6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b | Triage

Sharing

General

Target

6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b
Size

1.1MB
Sample

250110-cl4pda1jer
MD5

5421ec33225b0ffbc3e15ff647b52064
SHA1

47bd52bc61b7ca0870774e5e57ed044a08c73fc3
SHA256

6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b
SHA512

c0e1b5df77455e3afb3a0bcc029e81f551e99b832f816cb362bc9e0b0a1fa54dd6e09e7b201b2276a1d732784f2b00a41db264ba365fbfa88b8087da64547b9b
SSDEEP

24576:+ifOu5Zt+AnkGPKv+bN8fspSkVfIhohNkokVQAb/20Ux6LNgZNmb7Tb7j:H2uRkGPKv+Jfe6rjWT0UgzU

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b
- Size
  
  1.1MB
- MD5
  
  5421ec33225b0ffbc3e15ff647b52064
- SHA1
  
  47bd52bc61b7ca0870774e5e57ed044a08c73fc3
- SHA256
  
  6d7f1b46227593ce58ce2eac041a23e90f9fa45b2d609f17b1ac0cef8959ed0b
- SHA512
  
  c0e1b5df77455e3afb3a0bcc029e81f551e99b832f816cb362bc9e0b0a1fa54dd6e09e7b201b2276a1d732784f2b00a41db264ba365fbfa88b8087da64547b9b
- SSDEEP
  
  24576:+ifOu5Zt+AnkGPKv+bN8fspSkVfIhohNkokVQAb/20Ux6LNgZNmb7Tb7j:H2uRkGPKv+Jfe6rjWT0UgzU
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer