lumma | d00a3e22e53210acbd5c3e39b85332e3d47c8ec001d2bbf7a13abb07427bbba2

Resubmissions

10-01-2025 18:05

250110-wn7cts1pct 10

10-01-2025 18:03

250110-wnc4zs1pay 10

10-01-2025 17:59

250110-wkqwns1ndx 10

Sharing

Copy URL

Twitter E-mail

General

Target

Dogusign Reader 1.26g.msi
Size

10.5MB
Sample

250110-wn7cts1pct
MD5

35f774e65e57f419fff8d8f74945ea51
SHA1

c3e1d2d50a9bbca445576e0d71c6984cc1dc60bb
SHA256

d00a3e22e53210acbd5c3e39b85332e3d47c8ec001d2bbf7a13abb07427bbba2
SHA512

34db08df1751754159ca37249dd8a66a811150e2a0bbdc020858f5ee55f9fb8ef763bb74bbb723633f79ea9fde8dd0feeb0c79e0c442ca6f15a8c6d8ffa58a26
SSDEEP

196608:xaZKIcPtwQbOmV7SPjZJrtiXPFsKASDdybmR67JU6OpkKM1sQT9nAJDPMRAl6q7r:Y3cPt30JrtiXdsKAcrR67J0kR1syAtMU

Score

10^/10

Malware Config

Extracted

Family

lumma

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

Targets

- Target
  
  Dogusign Reader 1.26g.msi
- Size
  
  10.5MB
- MD5
  
  35f774e65e57f419fff8d8f74945ea51
- SHA1
  
  c3e1d2d50a9bbca445576e0d71c6984cc1dc60bb
- SHA256
  
  d00a3e22e53210acbd5c3e39b85332e3d47c8ec001d2bbf7a13abb07427bbba2
- SHA512
  
  34db08df1751754159ca37249dd8a66a811150e2a0bbdc020858f5ee55f9fb8ef763bb74bbb723633f79ea9fde8dd0feeb0c79e0c442ca6f15a8c6d8ffa58a26
- SSDEEP
  
  196608:xaZKIcPtwQbOmV7SPjZJrtiXPFsKASDdybmR67JU6OpkKM1sQT9nAJDPMRAl6q7r:Y3cPt30JrtiXdsKAcrR67J0kR1syAtMU
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Enumerates connected drives

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2