lumma | 3bbd66121922f68da4df1c5b46b87b166a62cc48254f5b398225778c2f7537aa

General

Target

[x86-х64]_Helper_.zip
Size

4.5MB
Sample

250113-tm7wvszqep
MD5

a7292171c5fb9c358ee694be707dc5c0
SHA1

f0b3781e4ff36efeaeeb779bfed6deabc0da3a58
SHA256

3bbd66121922f68da4df1c5b46b87b166a62cc48254f5b398225778c2f7537aa
SHA512

6119f54a319a79e14e1298b6e2c1156699841193d6b32790ae0e9175efc0681e057d10671067dfff91d2720a16909b3de86ee76eee05c95f06d1698a0c18f624
SSDEEP

98304:CiAJ/5hfp2NSjl1RytjJrTfIrVS9MNsDX0VlQM7DgZqNzP:CzYQh10NrTiS9BgjQM7Dgq

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

https://jumplilltk.cfd/api

Targets

- Target
  
  [x86-х64]_Helper_.zip
- Size
  
  4.5MB
- MD5
  
  a7292171c5fb9c358ee694be707dc5c0
- SHA1
  
  f0b3781e4ff36efeaeeb779bfed6deabc0da3a58
- SHA256
  
  3bbd66121922f68da4df1c5b46b87b166a62cc48254f5b398225778c2f7537aa
- SHA512
  
  6119f54a319a79e14e1298b6e2c1156699841193d6b32790ae0e9175efc0681e057d10671067dfff91d2720a16909b3de86ee76eee05c95f06d1698a0c18f624
- SSDEEP
  
  98304:CiAJ/5hfp2NSjl1RytjJrTfIrVS9MNsDX0VlQM7DgZqNzP:CzYQh10NrTiS9BgjQM7Dgq
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
behavioral1
- Target
  
  PA$$W0RD 1212
- Size
  
  10.0MB
- MD5
  
  427c06b63fa457cf77eae43ddcad8a97
- SHA1
  
  21cc08a0be2dac4530bc8da6d4e3abaff8e1adac
- SHA256
  
  54c2c732bbaec78c1269bfa15e1fb9e4918e45bfcf1de067bada9d47d64864a0
- SHA512
  
  c580432da5c336cb8aa2face8a81663a03742be7a4e94982332ae8c5eb07d89ac1c8d707a620b82e581b9d31ba708456edc0249c37212be67aab24f3b0162126
- SSDEEP
  
  12288:xapo1AGvvrppXEk8lyEjpFsif3qHGrZYhASW6JAsc0pU/fRUdh22TuRsPC8g7Izp:6z4ss
Score

1^/10
behavioral2
- Target
  
  [x86-х64]_Helper_.rar
- Size
  
  1.0MB
- MD5
  
  56d1360b0e512f1abf06574a79edaec4
- SHA1
  
  307a12e356794af75987e337a35889ef1abd64b0
- SHA256
  
  4bbebf6d023d9cf3c6e5293bef818f4ad622a11681d813333c42ad92f9d24ce8
- SHA512
  
  804a693ea84c6b417a8bf62fa08111bdb4944dff1cf7ba668c2e708c370f30d9bddddaf738eede7dbb0ebbadd8fd66b024fed6bffb6718ab2cc1d87b70bb3d09
- SSDEEP
  
  24576:2/BkdHPRKKMcRyHsqpBbFdx2G7cwDF8IzwP:2J2KKxyHsqphFTN7hB8CwP
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3