General

  • Target

    miside_free_download_(v0.921).7z

  • Size

    17.3MB

  • Sample

    250110-jt754aznhj

  • MD5

    37ecf3ad3a80524d23eb730f8ab6a601

  • SHA1

    63914f57dea683cb073cf67285ff2fa17bbc7b45

  • SHA256

    f1ef2374dd7e35010c7286bb15badd8099d1e26284b1473141c8ba0db6dbcf4a

  • SHA512

    b477362c8c6b6a19cfed8578efe8379ef677010829188c224d24250bb294f30fc4882424b62908787884089c05c34f29bf01d642f5460797374d837511305514

  • SSDEEP

    393216:7Pr83735zbxZgf3p1PN/bmUWQTP6COU/+hx5v+gv/xzAWaY:cJzbxZGLljP/+nYgv/xA/Y

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://openlievenj.sbs/api

https://fraggielek.biz/api

https://grandiouseziu.biz/api

https://littlenotii.biz/api

https://marketlumpe.biz/api

https://nuttyshopr.biz/api

https://punishzement.biz/api

https://spookycappy.biz/api

https://truculengisau.biz/api
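
The nine C2 URLs above are the most immediately actionable indicators in this report: they share one shape, a freshly registered domain on a cheap TLD with an `/api` path, so a hunt should match on hostname rather than on the full URL string. The following is an added example, not part of the sandbox report or of any tool it names. It reduces the report's C2 list to hostnames and scans constructed web-proxy log lines for them, matching subdomains and CONNECT targets as well as full URLs; the `ts client method url status` field layout is an assumption and the log lines are constructed for the demonstration.

```python
"""Hunt for the Lumma C2 hosts listed in this report in web-proxy logs.

Added example. The C2 URLs are the ones the report lists; the log lines are
constructed, and the field layout (ts client method url status) is an assumed
generic layout, not any specific proxy's format.
"""
from urllib.parse import urlsplit

# C2 URLs exactly as extracted from the sample (taken from the report above).
LUMMA_C2 = [
    "https://openlievenj.sbs/api",
    "https://fraggielek.biz/api",
    "https://grandiouseziu.biz/api",
    "https://littlenotii.biz/api",
    "https://marketlumpe.biz/api",
    "https://nuttyshopr.biz/api",
    "https://punishzement.biz/api",
    "https://spookycappy.biz/api",
    "https://truculengisau.biz/api",
]


def c2_domains(urls):
    """Reduce the C2 URL list to a set of lowercase hostnames."""
    return {urlsplit(u).hostname.lower() for u in urls}


def host_matches(host, iocs):
    """True when host equals an IOC or is a subdomain of one.

    The dot boundary matters: 'cdn.x.biz' matches 'x.biz', 'notx.biz' does not.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in iocs)


def host_of(target):
    """Pull the hostname out of a proxy 'url' field.

    Handles full URLs (https://x.biz/api), CONNECT targets (x.biz:443) and bare hosts.
    """
    if "://" in target:
        return urlsplit(target).hostname or ""
    return target.split(":", 1)[0]


def scan_proxy_log(lines, iocs):
    """Return (client, host, url) for each line whose destination host is an IOC.

    Assumed line layout: '<ts> <client_ip> <method> <url> <status>'.
    Malformed lines are skipped rather than raising.
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 5:
            continue
        _ts, client, _method, url, _status = parts[:5]
        host = host_of(url)
        if host and host_matches(host, iocs):
            hits.append((client, host.lower(), url))
    return hits


SAMPLE_LOG = [  # constructed lines, not real traffic
    "2025-01-10T11:02:13Z 10.0.8.14 GET https://www.example.com/ 200",
    "2025-01-10T11:02:19Z 10.0.8.14 POST https://fraggielek.biz/api 200",
    "2025-01-10T11:02:20Z 10.0.8.14 CONNECT openlievenj.sbs:443 200",
    "2025-01-10T11:02:21Z 10.0.8.22 GET https://cdn.MARKETLUMPE.biz/api 503",
    "2025-01-10T11:02:22Z 10.0.8.22 GET https://notspookycappy.biz/api 200",
    "garbage line",
]

if __name__ == "__main__":
    for client, host, url in scan_proxy_log(SAMPLE_LOG, c2_domains(LUMMA_C2)):
        print(f"{client} -> {host}  ({url})")
```

Matching on hostnames rather than on the literal `https://.../api` string is deliberate: the same infrastructure is reached through CONNECT tunnels where the path is never logged, and an operator may rotate the path while keeping the domain. Note that a hit on a parent domain also catches subdomains, while the dot boundary stops `notspookycappy.biz` from being mistaken for `spookycappy.biz`.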

Targets

    • Target

      appFile.exe

    • Size

      886.1MB

    • MD5

      1b989e46149267bba0cb05906ab3d97b

    • SHA1

      c1fb23d0a2ae5bbca5c4b7e6c785c887e902697b

    • SHA256

      ca48759ef45f74a67f7cf25f9cb35bd1a3bfcdbdd95e5c38e22ea75639fee48c

    • SHA512

      1611ae822df2b570e0f4e614cf6ad667f03b8d433dda6bc0a01ab55f52d7ec03344fe6889250a79d85ac743c9bebf38611c26f25cf89b7b0ba9ff5a46a30ba4f

    • SSDEEP

      393216:hapKFPlpPx0+88C//OJx6nLWVjHjShRbeQUHDIK2Nd26bYbh1hLthgvxRRFEOWVj:hMK9lpPWT/QVjHjSLQNKutjcjFjYzO

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check to avoid executing in certain regions.

    • Executes dropped EXE

    • Enumerates processes with tasklist
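
Two of the behaviours above, "Executes dropped EXE" and "Enumerates processes with tasklist", are also visible in endpoint telemetry outside the sandbox. The following is an added example, not part of the report or of any EDR product: it runs two simple rules over a constructed, Sysmon-style event stream (event ID 1 for process creation, 11 for file creation) and flags an executable that the trace itself saw being written and then launched from a user-writable directory, and a `tasklist.exe` whose parent lives in such a directory. The list of user-writable paths, the second-stage file name `stage2.exe`, and the PIDs are assumptions for the demonstration; only `appFile.exe` comes from the report.

```python
"""Flag 'executes dropped EXE' and 'tasklist from a user-writable path' in
process telemetry.

Added example. Events are constructed in a Sysmon-like shape (id 1 = process
create, id 11 = file create); the path list below is an assumption about where
droppers typically stage payloads, not something the report states.
"""
import ntpath

# Directories an unprivileged user can write to (assumed list).
USER_WRITABLE = (
    "\\appdata\\local\\temp\\",
    "\\appdata\\roaming\\",
    "\\downloads\\",
    "\\users\\public\\",
    "\\programdata\\",
)


def in_user_writable(path):
    """True when the path sits under one of the assumed user-writable directories."""
    p = path.lower()
    return any(seg in p for seg in USER_WRITABLE)


def proc(pid, ppid, image, parent_image, cmdline):
    """Build a process-creation event (Sysmon event ID 1 shape)."""
    return {"id": 1, "pid": pid, "ppid": ppid, "image": image,
            "parent_image": parent_image, "cmdline": cmdline}


def filewrite(pid, image, target):
    """Build a file-creation event (Sysmon event ID 11 shape)."""
    return {"id": 11, "pid": pid, "image": image, "target": target}


def analyze(events):
    """Return (rule, detail) findings over a chronologically ordered event list.

    Rule 1: a process image that this trace saw being written (id 11) is later
            launched (id 1) from a user-writable directory.
    Rule 2: tasklist.exe is spawned by a parent living in a user-writable directory.
    """
    findings = []
    dropped = {}  # lowercase file path -> pid that wrote it
    for ev in events:
        if ev["id"] == 11:
            dropped[ev["target"].lower()] = ev["pid"]
        elif ev["id"] == 1:
            image = ev["image"].lower()
            if image in dropped and in_user_writable(image):
                findings.append(("executes_dropped_exe",
                                 f"{ev['parent_image']} -> {ev['image']} "
                                 f"(written by pid {dropped[image]})"))
            if (ntpath.basename(image) == "tasklist.exe"
                    and in_user_writable(ev["parent_image"])):
                findings.append(("tasklist_from_user_path",
                                 f"{ev['parent_image']} spawned '{ev['cmdline']}'"))
    return findings


APP = r"C:\Users\u\Downloads\appFile.exe"            # file name from the report
STAGE2 = r"C:\Users\u\AppData\Local\Temp\stage2.exe"  # hypothetical second stage
TASKLIST = r"C:\Windows\System32\tasklist.exe"

SAMPLE_EVENTS = [  # constructed trace, not the sandbox's own log
    proc(4412, 1200, APP, r"C:\Windows\explorer.exe", "appFile.exe"),
    filewrite(4412, APP, STAGE2),
    proc(4480, 4412, STAGE2, APP, "stage2.exe"),
    proc(4496, 4480, TASKLIST, STAGE2, "tasklist.exe /v"),
    # an administrator running tasklist from cmd.exe must not be flagged
    proc(5000, 3000, TASKLIST, r"C:\Windows\System32\cmd.exe", "tasklist"),
]

if __name__ == "__main__":
    for rule, detail in analyze(SAMPLE_EVENTS):
        print(f"[{rule}] {detail}")
```

The first launch of `appFile.exe` is not flagged because the trace never saw it written; the rule keys on the write-then-execute sequence, not on the directory alone. The `cmd.exe`-spawned `tasklist` is left alone because its parent is under `System32`, which is how the second rule keeps administrator activity out of the alert queue.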

MITRE ATT&CK Enterprise v15