General

  • Target

    Setup.exe

  • Size

    1.1MB

  • Sample

    250126-paay5s1kgv

  • MD5

    a34ee547e2668d6daacf56fbb8f4dae0

  • SHA1

    a369e5b4c65acf7f899583dbddac4fb9ad7e6071

  • SHA256

    8139fd40d8ab568339c80f0c842f4b4221e252ff1c5bf656dc18392be1bccf9e

  • SHA512

    25066ce40f7023e9dc64b639a2da95360e5709ab5ef71a2a185e54944e7d6aa4e5b68a76f22a41f58061fb50119a20434371a57f9cd7f3b03be0699ef7a7b01a

  • SSDEEP

    24576:suMKVkMPBB2n+mRSX43Q4C1EqTY34L8gQ6cHTwkpLob7Tb7j:WK+ow+m0XgqsoL8gsTwOa

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://leerborisup.shop/api

https://toppyneedus.biz/api

Targets

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15
