lumma | a127a9f08c8d0bc85dc5645820232a408a1daabb6ec2a5b4c77d58b49431a64a | Triage

Sharing

General

Target

a127a9f08c8d0bc85dc5645820232a408a1daabb6ec2a5b4c77d58b49431a64a.iso
Size

19.6MB
Sample

250114-dgfmesxlbr
MD5

57de571612c062339e240ec6808bdd05
SHA1

3948344952a69017a29c1233a9cdd3729f4ad4fd
SHA256

a127a9f08c8d0bc85dc5645820232a408a1daabb6ec2a5b4c77d58b49431a64a
SHA512

5cbc240a2aa40f84134b9e10e940b3f2e532df7b0a0a254d9302380aa6f40fb5d1decb5484e639205dafa23b5dbd7cae87e26d44593416b20a6a0eca7baf2f5e
SSDEEP

393216:SxVUrUl7eOos7orHgF4n5tZkk5b4EMqbfhYwWMr220ItXVca6cjL6OcaAeEKQHe:EVUrUl7eOuTg4VkDEMq1YpItB6YOO1Au

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api

Targets

- Target
  
  msit.exe
- Size
  
  19.2MB
- MD5
  
  bb0ca87d28e7c1bfd53e3e592e75e684
- SHA1
  
  23be4528fe7dd78243845a6a08a88ce68200d59a
- SHA256
  
  d34e7af4d266688eb65118de606ffbeb36d46d488c3be604a5cb240778550cea
- SHA512
  
  217effd932ae2b5e21527bcc7a22c0f8a8ae0d89902ef00669ef9cc11463995c8c48d34d0b75b55dd50421c2abf19e8b72289abfbb7757339f825fe6ccdb59a7
- SSDEEP
  
  393216:kxVUrUl7eOos7orHgF4n5tZkk5b4EMqbfhYwWMr220ItXVca6cjL6OcaAeEKQHeg:CVUrUl7eOuTg4VkDEMq1YpItB6YOO1Af
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer