General

  • Target

    BBYe#SM0WhOb.zip

  • Size

    1.5MB

  • Sample

    250119-tqj9zavqb1

  • MD5

    77165621a4479597106e6d17565a2388

  • SHA1

    3dc5ecf8051171845921e60dfa4bc6596c17744d

  • SHA256

    2579410e9f316e3eb80181813f87edab1b80724845b9c4fe3c3f2b065720d10b

  • SHA512

    1e045d4850899be53f760d87a715b13052c3cb4f8695ba4fc6badb2440039a1d938cd16c7e77ee9675309058dc7c53a07b0f7e070537d419c925c7e044d91e32

  • SSDEEP

    24576:UihgaXbgTUxnuYDtobOqlxlAfE/9kneR8bFg/BW1pwqABdyg0z0W7:lgaLgwJtYl48Vket/UHwXyg0V7

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://deedcompetlk.cyou/api

Targets

    • Target

      Bootstrapper/Bootstrapper.exe

    • Size

      120.0MB

    • MD5

      6a4e34aa83f72c212e76e1c228af6666

    • SHA1

      bff7c730078f0ccf5aa00c52ec0cc2fe38bd1f56

    • SHA256

      828b3c4a8e2c1eddc6bc54c1928ec562a9d4254f84a5545fa83d23419686240c

    • SHA512

      37f0d3ad8017357164aaed7664ce628491d5215c686fc798698db6d6b0f15705052dd6a10d39e8b5c98c6ba62e0f0eb451d581e3ecff530bd96cd4fb80998cfc

    • SSDEEP

      24576:utnbbEhDUbdE6bLdFiClougeEqsseyHCIAtcVZ0EIrGFTb7Tb7j:MEs/PdlhgPqsseyQtxE/Fr

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15
