lumma | 75026653cd9be402306f50674ed7f8abead6d29517b76cda4a30ff1328798f3b | Triage

Submit
Reports

Overview

overview

Static

static

1

1737154984...».zip

windows7-x64

1

1737154984...».zip

windows10-2004-x64

Sharing

General

Target

1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip
Size

407KB
Sample

250118-aaawtaxjgz
MD5

ced26414ca3f2e9d6e330d76f9183f62
SHA1

f640e5339538a581d87c70b5046f109130c107d9
SHA256

75026653cd9be402306f50674ed7f8abead6d29517b76cda4a30ff1328798f3b
SHA512

be7e1e3f3ce3a1b8316fcafd1afb02155df31a7e38fd439d3c9c2c79b20f07ae94c7953ba363e94eef1c39bd46198c0d826f9632f4e5bae962450a5a052ec0a8
SSDEEP

6144:FW1lD8lJNW/1ny1qK2DpyKs2MVUGE1tg+El92nLKq4BDr6iJW/GsF02gjOtW5Ap1:krCoNhgKs2MWgJl9xKiJW+A02yV6a+

Score

10^/10

lumma discovery persistence privilege_escalation stealer

Static task

static1

Behavioral task

behavioral1

Sample

1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip

Resource

win7-20240903-en

windows7-x64

3 signatures

900 seconds

Behavioral task

behavioral2

Sample

1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip

Resource

win10v2004-20241007-en

lumma discovery persistence privilege_escalation stealer

windows10-2004-x64

23 signatures

900 seconds

Malware Config

Extracted

Family

lumma

C2

https://futfilcreat.cyou/api

Targets

- Target
  
  1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip
- Size
  
  407KB
- MD5
  
  ced26414ca3f2e9d6e330d76f9183f62
- SHA1
  
  f640e5339538a581d87c70b5046f109130c107d9
- SHA256
  
  75026653cd9be402306f50674ed7f8abead6d29517b76cda4a30ff1328798f3b
- SHA512
  
  be7e1e3f3ce3a1b8316fcafd1afb02155df31a7e38fd439d3c9c2c79b20f07ae94c7953ba363e94eef1c39bd46198c0d826f9632f4e5bae962450a5a052ec0a8
- SSDEEP
  
  6144:FW1lD8lJNW/1ny1qK2DpyKs2MVUGE1tg+El92nLKq4BDr6iJW/GsF02gjOtW5Ap1:krCoNhgKs2MWgJl9xKiJW+A02yV6a+
Score

10^/10

lumma discovery persistence privilege_escalation stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverypersistenceprivilege_escalationstealer

© 2018-2025

Terms | Privacy