lumma | d34e7af4d266688eb65118de606ffbeb36d46d488c3be604a5cb240778550cea | Triage

Sharing

General

Target

msit.exe
Size

19.2MB
Sample

250113-jdhv9svpcl
MD5

bb0ca87d28e7c1bfd53e3e592e75e684
SHA1

23be4528fe7dd78243845a6a08a88ce68200d59a
SHA256

d34e7af4d266688eb65118de606ffbeb36d46d488c3be604a5cb240778550cea
SHA512

217effd932ae2b5e21527bcc7a22c0f8a8ae0d89902ef00669ef9cc11463995c8c48d34d0b75b55dd50421c2abf19e8b72289abfbb7757339f825fe6ccdb59a7
SSDEEP

393216:kxVUrUl7eOos7orHgF4n5tZkk5b4EMqbfhYwWMr220ItXVca6cjL6OcaAeEKQHeg:CVUrUl7eOuTg4VkDEMq1YpItB6YOO1Af

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api

Targets

- Target
  
  msit.exe
- Size
  
  19.2MB
- MD5
  
  bb0ca87d28e7c1bfd53e3e592e75e684
- SHA1
  
  23be4528fe7dd78243845a6a08a88ce68200d59a
- SHA256
  
  d34e7af4d266688eb65118de606ffbeb36d46d488c3be604a5cb240778550cea
- SHA512
  
  217effd932ae2b5e21527bcc7a22c0f8a8ae0d89902ef00669ef9cc11463995c8c48d34d0b75b55dd50421c2abf19e8b72289abfbb7757339f825fe6ccdb59a7
- SSDEEP
  
  393216:kxVUrUl7eOos7orHgF4n5tZkk5b4EMqbfhYwWMr220ItXVca6cjL6OcaAeEKQHeg:CVUrUl7eOuTg4VkDEMq1YpItB6YOO1Af
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer