lumma | a8bd7db8fd786b347734747368791d8017120cf5858453b96417c4a4ff2c6765 | Triage

Sharing

General

Target

0P3N.ME-VER[%xEkCCOC#HuO].zip
Size

12.0MB
Sample

250118-1m56lawjb1
MD5

6e0f86bd8de38abfb21f5c2ed34d322e
SHA1

278e8c98c707836522bb988919ac610155de344a
SHA256

a8bd7db8fd786b347734747368791d8017120cf5858453b96417c4a4ff2c6765
SHA512

655ec0a1d0723a23ae5c5732e6cfed2ad64e3581265a3c28ceb2fff4075fb9f062ff3c60437f4cf635540fa5b4918c99b43514ebc8bf157aca035528a1ff2ba5
SSDEEP

196608:DEqConWmlQxDh4j+5TDj4rk0UF4VI41YpXvN35D1AAqODFnIMdmEBIAgcXNQ:DEqRHQN6y5T3pYm4HAqODiMkEBIAgkQ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://deedcompetlk.cyou/api

Targets

- Target
  
  0P3N.ME-VER[%xEkCCOC#HuO].zip
- Size
  
  12.0MB
- MD5
  
  6e0f86bd8de38abfb21f5c2ed34d322e
- SHA1
  
  278e8c98c707836522bb988919ac610155de344a
- SHA256
  
  a8bd7db8fd786b347734747368791d8017120cf5858453b96417c4a4ff2c6765
- SHA512
  
  655ec0a1d0723a23ae5c5732e6cfed2ad64e3581265a3c28ceb2fff4075fb9f062ff3c60437f4cf635540fa5b4918c99b43514ebc8bf157aca035528a1ff2ba5
- SSDEEP
  
  196608:DEqConWmlQxDh4j+5TDj4rk0UF4VI41YpXvN35D1AAqODFnIMdmEBIAgcXNQ:DEqRHQN6y5T3pYm4HAqODiMkEBIAgkQ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer