lumma | 104d0facdcfe410bae7a9fd835c8f7324782316fa74f9c01059eff13d9834df7

Resubmissions

24-01-2025 14:59

250124-scx38stnfs 8

24-01-2025 14:56

24-01-2025 14:53

24-01-2025 14:50

24-01-2025 14:47

Sharing

Copy URL

Twitter E-mail

General

Target

R-e-l-v-3-x64.zip
Size

12.4MB
Sample

250124-r52fpatket
MD5

583b697dbb6834e3550c8ac7c0648646
SHA1

a512037894b67fe73e985d2c2ce69b96ba007e73
SHA256

104d0facdcfe410bae7a9fd835c8f7324782316fa74f9c01059eff13d9834df7
SHA512

7ece384aa829f9250ec177b81a1e1ac3e793283d3b47f4d6ca9321745ed6963028fd91d884c6a7b3991e84ef094a6d1516f230ce928a322eb834e871c8fedbe6
SSDEEP

393216:6vlDG8iK+pQ6UlWqEoPIIbdiYJiLFwUspQMDQPGCMh:6k8QpQ6A1E5IbLALFFs+gQ+n

Score

10^/10

Malware Config

Extracted

Family

lumma

https://sheayingero.shop/api

https://toppyneedus.biz/api

Targets

- Target
  
  R-e-l-v-3-x64.zip
- Size
  
  12.4MB
- MD5
  
  583b697dbb6834e3550c8ac7c0648646
- SHA1
  
  a512037894b67fe73e985d2c2ce69b96ba007e73
- SHA256
  
  104d0facdcfe410bae7a9fd835c8f7324782316fa74f9c01059eff13d9834df7
- SHA512
  
  7ece384aa829f9250ec177b81a1e1ac3e793283d3b47f4d6ca9321745ed6963028fd91d884c6a7b3991e84ef094a6d1516f230ce928a322eb834e871c8fedbe6
- SSDEEP
  
  393216:6vlDG8iK+pQ6UlWqEoPIIbdiYJiLFwUspQMDQPGCMh:6k8QpQ6A1E5IbLALFFs+gQ+n
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2
- Target
  
  README.txt
- Size
  
  124B
- MD5
  
  3b4bb14e17a60137e3e93c7adac41bcb
- SHA1
  
  de09ed28df13d9325e816d0c656582a929077876
- SHA256
  
  bde691c014e6a2527d5ef783d065edf14bcfe83b20c1ff97c22d280633b5287e
- SHA512
  
  ec76f39b6ab4c6f822a1777c78212d659d86760458da9f050fba48bef12cba054573f25fc96278b49cdb163bed41a157123c01d3897226584cd1b57a653dfb50
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Checks computer location settings

Executes dropped EXE

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4