lumma | 0fda11e70fd15b6001a6a30fc652ed7cbd2384167ca2ea8af0c54f7cae7e1830 | Triage

Sharing

General

Target

2025-01-11_d8bdb08dfec797bab9512006bed4a3b2_avoslocker_luca-stealer
Size

24.2MB
Sample

250111-lfsvcsvlds
MD5

d8bdb08dfec797bab9512006bed4a3b2
SHA1

49d0413c51a3dba9cf863e2978ee00d61dd4789e
SHA256

0fda11e70fd15b6001a6a30fc652ed7cbd2384167ca2ea8af0c54f7cae7e1830
SHA512

8cca5cc6c7119f81ea9a095c13babc4f72af28d30f772d564121aa06a29361a07455d3306d73ce0cdfd2c3a478fc1fee1f9a716d5cfccad5de4108c4c79e9245
SSDEEP

196608:rfHADSSTHO9y7FPhCivssjy9bhCeDXqmH5a9y8yvmMhp43lD2akyGwS+7d:rY5rO9y7phJ8lhCeGry8yvmMhp43lK4

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://truculengisau.biz/api

https://spookycappy.biz/api

https://punishzement.biz/api

https://nuttyshop/api

https://nuttyshopr.biz/api

https://marketlumpe.biz/api

https://littlenotii.biz/api

https://grandiouseziu.biz/api

https://fraggielek.biz/api

Targets

- Target
  
  2025-01-11_d8bdb08dfec797bab9512006bed4a3b2_avoslocker_luca-stealer
- Size
  
  24.2MB
- MD5
  
  d8bdb08dfec797bab9512006bed4a3b2
- SHA1
  
  49d0413c51a3dba9cf863e2978ee00d61dd4789e
- SHA256
  
  0fda11e70fd15b6001a6a30fc652ed7cbd2384167ca2ea8af0c54f7cae7e1830
- SHA512
  
  8cca5cc6c7119f81ea9a095c13babc4f72af28d30f772d564121aa06a29361a07455d3306d73ce0cdfd2c3a478fc1fee1f9a716d5cfccad5de4108c4c79e9245
- SSDEEP
  
  196608:rfHADSSTHO9y7FPhCivssjy9bhCeDXqmH5a9y8yvmMhp43lD2akyGwS+7d:rY5rO9y7phJ8lhCeGry8yvmMhp43lK4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer