General

  • Target: V2.zip
  • Size: 1.5MB
  • Sample: 250112-x3nppsxrdr
  • MD5: 2b42e9304d1e383c72ca488caeb3c15c
  • SHA1: 0b6aa61482b31078b71659152c02cd911f53a283
  • SHA256: 1bd09dad3359a821385639f51431006b663dc30f6dd8aa2630d4bdf4f12ce282
  • SHA512: 9536ce06090cc37258fa0f22259803812f37b79206f33738c88bd3f6e1b231c82adc3fc8985aedc884b0bcdb47798fba2763b9ee20290ec7b2196f5ee5d3e9d6
  • SSDEEP: 24576:uGYWosmpVHvqU5WY515L8/cyswfV+g5UWJe1P:bYmsVHvqUUmjYEyswNWWJKP

Score: 10/10

Malware Config

Extracted

Family: lumma

C2: https://jubbenjusk.biz/api

Targets

    • Target: BootstrapperV2.exe
    • Size: 150.0MB
    • MD5: ff9ecb042a95c9076b683c69d9d0310e
    • SHA1: 07c9486bd6424dedcac4e16e5d10ecee69be1c9a
    • SHA256: 572ab5e1c62b3fbc5bc0b5e7886a101beb89c5a4d074ee6d1c4bc037bdb5cf73
    • SHA512: d1bb1961698e6ae5070254270204c28ac99dfcc987eb295c9368fccbf9f62c014cb8e3194c35469161fd4bd73b642bbe8ff7598f149702325b89c1fb1d4acb91
    • SSDEEP: 24576:fcpoY4ocmpX9j2UlWW915b8/cIAwVX+o5U+tITb71b7j:JY0sX9j2UAOjIEIAwN0+tS

    Score: 10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks