lumma | b0669b7c7af17ac57206e5763439af214c3ac95f78f54c725cd4755f313b42a7

Resubmissions

14-01-2025 02:47

250114-dacl7axjdr 10

12-01-2025 05:53

250112-glgbas1pdp 10

06-01-2025 23:08

250106-24x2zstrcm 10

Sharing

Copy URL

Twitter E-mail

General

Target

Set-up.exe
Size

1.1MB
Sample

250112-glgbas1pdp
MD5

66f7c3478c05fc5076831c995d1aa078
SHA1

87768180fdaec44732d4b6594ca2581f6f98f4cd
SHA256

b0669b7c7af17ac57206e5763439af214c3ac95f78f54c725cd4755f313b42a7
SHA512

9c11ad42729e31fd2d1dc02707d2a10837c0cda919516fd49c2b539e98959f2ca2e64e3887b3576f507c69bc923702ec7ae2dc71b450a82440011b824bc684a8
SSDEEP

24576:giC44xR9ylHUJpixIJB4eWlhpJTXaNDBoSQp/YFoA9:cNp3eQ0JTXarM/YFoY

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  Set-up.exe
- Size
  
  1.1MB
- MD5
  
  66f7c3478c05fc5076831c995d1aa078
- SHA1
  
  87768180fdaec44732d4b6594ca2581f6f98f4cd
- SHA256
  
  b0669b7c7af17ac57206e5763439af214c3ac95f78f54c725cd4755f313b42a7
- SHA512
  
  9c11ad42729e31fd2d1dc02707d2a10837c0cda919516fd49c2b539e98959f2ca2e64e3887b3576f507c69bc923702ec7ae2dc71b450a82440011b824bc684a8
- SSDEEP
  
  24576:giC44xR9ylHUJpixIJB4eWlhpJTXaNDBoSQp/YFoA9:cNp3eQ0JTXarM/YFoY
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2