General

  • Target

    Setup.exe

  • Size

    1.0MB

  • Sample

    250114-tvmkwssnhy

  • MD5

    ba52b93e35e712131abf54b3beebe9d9

  • SHA1

    5b8d0b6bc17a3df52841b8613b1979b5e449c22d

  • SHA256

    0555af36f7abfc34335e2701597f632adbecd006a4e5748ec302700298bce2c1

  • SHA512

    af4b635a658ffae9b34b0401b784106d42e5aa5c03433605881bd437d82fa0f29d5dcecf146e05c28b5029c938b8a24b85e1a375ad7574ddb20453222baf532d

  • SSDEEP

    24576:z6TQ5thBJtSyFKp7SsQOZ6hrqqLtulvMr2EH:2g/cUOchrqatuZm2EH

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://drainytwiggy.shop/api
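The hashes under General and the C2 URL under Malware Config are the indicators a responder would hunt with. The following is an added example, not part of the sandbox report: it computes the same four digests for a file and compares them to the values above, and it scans proxy log lines for the C2 host by parsing the URL's hostname rather than substring-matching, so a benign URL that merely mentions the domain in a query string is not reported. The log lines and the empty-byte-string input are constructed for the demonstration.

```python
"""IoC matcher for the indicators listed in this report (added example)."""
import hashlib
from urllib.parse import urlsplit

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "ba52b93e35e712131abf54b3beebe9d9",
    "sha1": "5b8d0b6bc17a3df52841b8613b1979b5e449c22d",
    "sha256": "0555af36f7abfc34335e2701597f632adbecd006a4e5748ec302700298bce2c1",
    "sha512": "af4b635a658ffae9b34b0401b784106d42e5aa5c03433605881bd437d82fa0f2"
              "9d5dcecf146e05c28b5029c938b8a24b85e1a375ad7574ddb20453222baf532d",
}
C2_HOST = "drainytwiggy.shop"


def compute_hashes(data: bytes) -> dict:
    """Return the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matching_hashes(digests: dict, iocs: dict = REPORT_HASHES) -> set:
    """Names of the algorithms whose digest equals the report's value.

    Input digests may be any case; the comparison is case-insensitive.
    """
    return {alg for alg, value in digests.items()
            if iocs.get(alg) == value.lower()}


def c2_host_matches(host: str) -> bool:
    """True for the C2 host itself or any subdomain of it."""
    host = host.lower().rstrip(".")
    return host == C2_HOST or host.endswith("." + C2_HOST)


def scan_proxy_log(lines) -> list:
    """Return (client_ip, url) for lines whose request host is the C2.

    Expected line shape (constructed for this example):
    <timestamp> <client_ip> <method> <url> <status>
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 5:
            continue  # malformed line, skip rather than crash
        client_ip, url = parts[1], parts[3]
        host = urlsplit(url).hostname or ""
        if c2_host_matches(host):
            hits.append((client_ip, url))
    return hits


# Constructed proxy log; the fourth line mentions the domain only in a
# query parameter and must NOT be reported.
SAMPLE_PROXY_LOG = [
    "2025-01-14T10:02:11Z 10.0.0.21 POST https://drainytwiggy.shop/api 200",
    "2025-01-14T10:02:13Z 10.0.0.21 GET https://www.microsoft.com/ 200",
    "2025-01-14T10:03:02Z 10.0.0.44 POST https://cdn.drainytwiggy.shop/api 200",
    "2025-01-14T10:03:10Z 10.0.0.44 GET https://example.com/?r=drainytwiggy.shop 200",
]

if __name__ == "__main__":
    for ip, url in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(f"C2 contact from {ip}: {url}")
    with open("Setup.exe", "rb") as fh:  # any file you want to check
        print(matching_hashes(compute_hashes(fh.read())))
```

Matching on the parsed hostname also catches subdomains of the C2 domain, which Lumma operators rotate frequently; keep the domain-level match but treat the full URL path (`/api`) as the higher-confidence indicator when triaging hits.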

Targets

    • Target

      Setup.exe

    • Lumma Stealer, LummaC

      Lumma (also LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist
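The behavioural signatures above (location lookup, executing a dropped EXE, loading a dropped DLL, spawning tasklist) are each a correlation over a process trace. As an added example, not the sandbox's own signature code, the block below re-derives them from a constructed, simplified trace of process, file, image-load and registry events. The trace, paths and pids are made up; the registry key used for the location check (the `Nation` value under `Control Panel\International\Geo`) is an assumption, since the report does not name the key the sample read.

```python
"""Re-derive this report's behavioural signatures over a constructed trace
(added example; trace and paths are invented, not the sandbox's output)."""


def _norm(path: str) -> str:
    # Windows paths: compare case-insensitively and on one separator.
    return path.replace("/", "\\").lower()


def evaluate_trace(trace) -> dict:
    """Return {signature_name: [evidence, ...]} for the signatures that fire.

    Only activity inside the sample's process tree counts: the first
    process_create is the sample, and children of traced pids join the tree.
    """
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    traced = set()   # pids in the sample's process tree
    dropped = set()  # normalised paths of files written by traced processes

    for ev in trace:
        kind, pid = ev["type"], ev["pid"]
        if kind == "process_create":
            if not traced or ev.get("ppid") in traced:
                traced.add(pid)
            if pid not in traced:
                continue
            image = _norm(ev["image"])
            if image in dropped:
                hit("executes_dropped_exe", ev["image"])
            if image.rsplit("\\", 1)[-1] == "tasklist.exe":
                hit("enumerates_processes_with_tasklist", pid)
            continue
        if pid not in traced:
            continue  # unrelated process activity is ignored
        if kind == "file_create":
            dropped.add(_norm(ev["path"]))
        elif kind == "image_load":
            if _norm(ev["path"]) in dropped:
                hit("loads_dropped_dll", ev["path"])
        elif kind == "registry_query":
            # Assumed key for the "computer location" signature.
            key_ok = _norm(ev["key"]).endswith(r"control panel\international\geo")
            if key_ok and ev.get("value", "").lower() == "nation":
                hit("checks_computer_location_settings", pid)
    return hits


# Constructed trace: Setup.exe reads the geo key, drops a DLL and an EXE,
# runs the EXE, which loads the DLL and spawns tasklist. The kernel32 load
# is a control: a system DLL is not a "dropped" DLL and must not fire.
SAMPLE_TRACE = [
    {"type": "process_create", "pid": 1000, "ppid": 500,
     "image": r"C:\Users\user\Desktop\Setup.exe"},
    {"type": "registry_query", "pid": 1000,
     "key": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
    {"type": "file_create", "pid": 1000,
     "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "file_create", "pid": 1000,
     "path": r"C:\Users\user\AppData\Local\Temp\update.exe"},
    {"type": "process_create", "pid": 1100, "ppid": 1000,
     "image": r"C:\Users\user\AppData\Local\Temp\update.exe"},
    {"type": "image_load", "pid": 1100,
     "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "image_load", "pid": 1000,
     "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "process_create", "pid": 1200, "ppid": 1100,
     "image": r"C:\Windows\System32\tasklist.exe", "cmdline": "tasklist"},
    {"type": "process_create", "pid": 9000, "ppid": 4,
     "image": r"C:\Windows\System32\tasklist.exe"},  # unrelated, not traced
]

if __name__ == "__main__":
    for name, evidence in evaluate_trace(SAMPLE_TRACE).items():
        print(f"{name}: {evidence}")
```

The same tree-scoping is what keeps the last trace entry (tasklist launched by an unrelated parent) from firing; in a real EDR query you would scope on the parent chain the same way rather than alerting on every tasklist execution on the host.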
