General

  • Target

    a9d991a32ae5b5453fac9865af09f384eb0846c330d60c454770bb5d8728db0b.exe

  • Size

    1.1MB

  • Sample

    250123-emnews1ney

  • MD5

    91ff2b0559b9f82d7fbc63711bdacbd4

  • SHA1

    cbcfc07e0f4c4f18bb98503bb805817085787685

  • SHA256

    a9d991a32ae5b5453fac9865af09f384eb0846c330d60c454770bb5d8728db0b

  • SHA512

    85b23b7ae91d1dfaeddac4ff635e00728b16ab64f539c25d1a40d517cdeb828963d1ded18ad5d6aab827ab1dd516bd4254019998453081017e5cbe987910a6d2

  • SSDEEP

    24576:2/sOQxs5c0WsKEF3KVOay/dDWg1uL2c+8+GzScniBbRe3fL3w3:ZT0W2qy/RWgjcP+yiBbkD3w3

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://amazingmassivei.shop/api

https://toppyneedus.biz/api

https://suggestyuoz.biz/api
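
The extracted C2 URLs and file hashes above are the indicators a responder would push into detection. The following script, added here as an example and not part of the sandbox report, turns them into a matcher: it normalises the C2 hostnames, scans key=value style proxy/DNS log lines for exact or subdomain matches (while not matching look-alike hosts that merely end in the same string), and checks a file's MD5/SHA-1/SHA-256 against the reported values. The log lines and the byte strings hashed are constructed for the demonstration; the log format (`query=`, `host=`, `url=` fields) is an assumption, not something the report specifies.

```python
"""IOC matcher built from the Lumma config in the report. Added example;
log lines below are constructed, not taken from the report."""
import hashlib
import re
from urllib.parse import urlparse

# C2 URLs exactly as extracted in the report's Malware Config section.
C2_URLS = [
    "https://amazingmassivei.shop/api",
    "https://toppyneedus.biz/api",
    "https://suggestyuoz.biz/api",
]

# File hashes as listed in the report's General section.
REPORTED_HASHES = {
    "md5": "91ff2b0559b9f82d7fbc63711bdacbd4",
    "sha1": "cbcfc07e0f4c4f18bb98503bb805817085787685",
    "sha256": "a9d991a32ae5b5453fac9865af09f384eb0846c330d60c454770bb5d8728db0b",
}

# Assumed log format: space-separated key=value pairs; the hostname sits in
# a query= (DNS), host= (proxy) or url= (full URL) field.
HOST_FIELD_RE = re.compile(r"\b(?:host|query|url)=(\S+)", re.IGNORECASE)


def c2_hosts(urls=C2_URLS):
    """Lower-case hostnames of the configured C2 URLs."""
    return {urlparse(u).hostname.lower() for u in urls}


def extract_host(line):
    """Return the normalised hostname from a log line, or None if it has none."""
    m = HOST_FIELD_RE.search(line)
    if not m:
        return None
    value = m.group(1)
    if "://" in value:  # url= field carries a full URL; keep only the host
        value = urlparse(value).hostname or ""
    return value.lower().rstrip(".")  # DNS logs often end FQDNs with a dot


def is_c2_host(host, hosts):
    """Exact match or a subdomain of a C2 host; 'notexample.com' must not match."""
    return host in hosts or any(host.endswith("." + h) for h in hosts)


def find_c2_hits(lines, urls=C2_URLS):
    """Return (line_number, host) for every line that contacts a C2 host."""
    hosts = c2_hosts(urls)
    hits = []
    for n, line in enumerate(lines, 1):
        host = extract_host(line)
        if host and is_c2_host(host, hosts):
            hits.append((n, host))
    return hits


def check_file_hashes(data, reported=REPORTED_HASHES):
    """Hash `data` with every algorithm in `reported`; True where it matches."""
    return {algo: hashlib.new(algo, data).hexdigest() == value
            for algo, value in reported.items()}


# Constructed log lines for the demonstration (not from the report).
SAMPLE_LOG = [
    "2025-01-23T10:01:02Z src=10.0.0.5 query=www.microsoft.com type=A",
    "2025-01-23T10:01:05Z src=10.0.0.5 query=toppyneedus.biz. type=A",
    "2025-01-23T10:01:06Z src=10.0.0.5 method=POST url=https://suggestyuoz.biz/api status=200",
    "2025-01-23T10:01:09Z src=10.0.0.7 query=cdn.amazingmassivei.shop type=A",
    "2025-01-23T10:01:10Z src=10.0.0.7 query=notamazingmassivei.shop type=A",
    "2025-01-23T10:01:12Z src=10.0.0.7 host=toppyneedus.biz method=GET path=/api",
]

if __name__ == "__main__":
    for n, host in find_c2_hits(SAMPLE_LOG):
        print(f"line {n}: C2 contact to {host}")
    # Constructed bytes, so no hash matches the reported sample.
    print(check_file_hashes(b"not the sample"))
```

Line 5 of the constructed log is the edge case worth keeping in any IOC matcher: a host that merely ends with a C2 domain string is not a subdomain of it, so the check requires the dot boundary.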

Targets

    • Target

      a9d991a32ae5b5453fac9865af09f384eb0846c330d60c454770bb5d8728db0b.exe

    • Lumma Stealer, LummaC

      Lumma (also tracked as LummaC) is an information stealer written in C++, first observed in August 2022.

    • Lumma family

    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence check on the victim's region.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks