General

  • Target: random.exe
  • Size: 5.0MB
  • Sample: 250110-pswzbswqcl
  • MD5: 82b0dd4607ce761914ac07d3d585ed55
  • SHA1: 4621e732feb0470f3a036cd01dc273624a6e790c
  • SHA256: 20f96c72f95343c306164d0fdff253d50d85de272a5d3113d9e411aba467eb51
  • SHA512: bb3cb777938a0d5b033f13f30564798575873f89be7f3214b5481d37cc4391d7bc7dea2097c90b1492965e4f6f3d42ea75701b5b4cd816159f9c67517eb67f7d
  • SSDEEP: 24576:QreSyKJOobxH5hrx+EHSYm6LFI8wVPW/P7Pub7jb7j:3Gr9yCq8wcLk

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2


Targets

    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
    • Lumma family
    • Checks computer location settings: Looks up country code configured in the registry, likely geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15