lumma | a50393843e9cd5fc754098377b78af3ad3f4731ebb79830bb0edb56ca3dbece5 | Triage

Sharing

General

Target

#Pa$$w0rD__5567--0peɴ_Set-Up#$.zip
Size

10.8MB
Sample

250113-g75k1ssnhq
MD5

f96202a20dbbe93131fb1f3035013507
SHA1

a312d5e8ab3adedc14fac3f0c2c6618fb01bf833
SHA256

a50393843e9cd5fc754098377b78af3ad3f4731ebb79830bb0edb56ca3dbece5
SHA512

49bd11d3d256036ebd0448415d539b7024e9219867817bd10bb33ac4e7a22b769c916b50b104ac38971bf98f57da4a1c319a15023d5534e798e69acec8044479
SSDEEP

196608:azcw72+hAscuMLLMu9ia2P4A+DkF/SjLpMj1syona9ryk5WRZajMkCm0ZvcAOTSP:a4wphA9Rpia3A+Do/SjLGjrQa9ry0+S6

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://kitealivejz.shop/api

Targets

- Target
  
  #Pa$$w0rD__5567--0peɴ_Set-Up#$.zip
- Size
  
  10.8MB
- MD5
  
  f96202a20dbbe93131fb1f3035013507
- SHA1
  
  a312d5e8ab3adedc14fac3f0c2c6618fb01bf833
- SHA256
  
  a50393843e9cd5fc754098377b78af3ad3f4731ebb79830bb0edb56ca3dbece5
- SHA512
  
  49bd11d3d256036ebd0448415d539b7024e9219867817bd10bb33ac4e7a22b769c916b50b104ac38971bf98f57da4a1c319a15023d5534e798e69acec8044479
- SSDEEP
  
  196608:azcw72+hAscuMLLMu9ia2P4A+DkF/SjLpMj1syona9ryk5WRZajMkCm0ZvcAOTSP:a4wphA9Rpia3A+Do/SjLGjrQa9ry0+S6
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2
- Target
  
  #Pa$$w0rD__5567--0peɴ_Set-Up#$.7z
- Size
  
  10.8MB
- MD5
  
  8a8fdd3c002cd00778cbfda5426972f8
- SHA1
  
  2fa03f4bc0eef9073d7b1e68cfaeb1d2b63b8713
- SHA256
  
  99c705e030f7c9f9602d760fc27e882a36439f1368f4f2214f96917e1976c427
- SHA512
  
  eba67df3fa95936c6cfb407ac708d90930db0c7240255f920a5ece08c3a78164b7a3c47d3d009715e5a62009827295c6571c006918410c9eb3cab06d4182a924
- SSDEEP
  
  196608:Tzcw72+hAscuMLLMu9ia2P4A+DkF/SjLpMj1syona9ryk5WRZajMkCm0ZvcAOTS+:T4wphA9Rpia3A+Do/SjLGjrQa9ry0+Sr
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4