lumma | 856008a3c4234e8a1377480f8dd0a831c11e5889b04495e86d98b58a54c37463 | Triage

Submit
Reports

Overview

overview

Static

static

1

ActiVe_Ver...lE.exe

windows7-x64

ActiVe_Ver...lE.exe

windows10-2004-x64

Sharing

General

Target

ActiVe_Ver_Set-UpFilE.exe
Size

1.0MB
Sample

250115-r5b6ssvrft
MD5

047187c8dc466a354acb17192de48bdd
SHA1

1bf147c660bce0a5627d68e2f67c936ec38a8633
SHA256

856008a3c4234e8a1377480f8dd0a831c11e5889b04495e86d98b58a54c37463
SHA512

8aa2ee92fc73240f7cebe5c7433076a62bdf403d8b97ac6d0cbc3ec3b8b808ece418a5f836f84d5baf0b6cab44f85ddff556f3e6bad5474e0e257e5cc1d2e7a1
SSDEEP

24576:OUiOgNMUUHR4cR4/vj52mC/NqIB3X4RrBhFs:9BgW7HRb4vFq4RFhFs

Score

10^/10

lumma discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

ActiVe_Ver_Set-UpFilE.exe

Resource

win7-20240903-en

lumma discovery stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

ActiVe_Ver_Set-UpFilE.exe

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://unwrittenuzy.shop/api

Targets

- Target
  
  ActiVe_Ver_Set-UpFilE.exe
- Size
  
  1.0MB
- MD5
  
  047187c8dc466a354acb17192de48bdd
- SHA1
  
  1bf147c660bce0a5627d68e2f67c936ec38a8633
- SHA256
  
  856008a3c4234e8a1377480f8dd0a831c11e5889b04495e86d98b58a54c37463
- SHA512
  
  8aa2ee92fc73240f7cebe5c7433076a62bdf403d8b97ac6d0cbc3ec3b8b808ece418a5f836f84d5baf0b6cab44f85ddff556f3e6bad5474e0e257e5cc1d2e7a1
- SSDEEP
  
  24576:OUiOgNMUUHR4cR4/vj52mC/NqIB3X4RrBhFs:9BgW7HRb4vFq4RFhFs
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

© 2018-2025

Terms | Privacy