General

  • Target

    Bootstrapper.exe

  • Size

    120.0MB

  • Sample

    250119-vmpkysxlay

  • MD5

    6a4e34aa83f72c212e76e1c228af6666

  • SHA1

    bff7c730078f0ccf5aa00c52ec0cc2fe38bd1f56

  • SHA256

    828b3c4a8e2c1eddc6bc54c1928ec562a9d4254f84a5545fa83d23419686240c

  • SHA512

    37f0d3ad8017357164aaed7664ce628491d5215c686fc798698db6d6b0f15705052dd6a10d39e8b5c98c6ba62e0f0eb451d581e3ecff530bd96cd4fb80998cfc

  • SSDEEP

    24576:utnbbEhDUbdE6bLdFiClougeEqsseyHCIAtcVZ0EIrGFTb7Tb7j:MEs/PdlhgPqsseyQtxE/Fr

Score
10/10

Malware Config

Extracted

  • Family

    lumma

  • C2

    https://deedcompetlk.cyou/api

Targets

    • Target

      Bootstrapper.exe

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist
