lumma | 6e2abb83c7dac9f203ba6cdb4be11fe3ba64c783d197bc54221eb220f48dcd07 | Triage

Submit
Reports

Overview

overview

Static

static

1

b--o--t--s...64.zip

windows10-ltsc 2021-x64

b--o--t--s...64.zip

windows11-21h2-x64

5

Sharing

General

Target

b--o--t--s--t--r--a--p-x64.zip
Size

12.0MB
Sample

250127-1qz4raxler
MD5

3c3185803d3bc3ac05daa690ac28fd5e
SHA1

5f2a217f2b3d1eaa872c37b3094c60c33bba0930
SHA256

6e2abb83c7dac9f203ba6cdb4be11fe3ba64c783d197bc54221eb220f48dcd07
SHA512

75afdced01f933823ed37e2f3b6d2296421e255c170372d96799e81ef702ab9539d924f5851e3553cc13b6afa0ae0c9d7686513dd3287cd6eae88aa88b7166ff
SSDEEP

196608:Ypk+8bgSAY3rVUsUCi7mh4JlLFr2XrJP45CaTO7x8kaN9Sb+g896tJONKUfg9r0:lgSAY3rVUdC54JlLIX1sT2x8kPiV96tw

Score

10^/10

lumma discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

b--o--t--s--t--r--a--p-x64.zip

Resource

win10ltsc2021-20250113-en

lumma discovery stealer

windows10-ltsc 2021-x64

25 signatures

600 seconds

Behavioral task

behavioral2

Sample

b--o--t--s--t--r--a--p-x64.zip

Resource

win11-20241007-en

windows11-21h2-x64

16 signatures

600 seconds

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  b--o--t--s--t--r--a--p-x64.zip
- Size
  
  12.0MB
- MD5
  
  3c3185803d3bc3ac05daa690ac28fd5e
- SHA1
  
  5f2a217f2b3d1eaa872c37b3094c60c33bba0930
- SHA256
  
  6e2abb83c7dac9f203ba6cdb4be11fe3ba64c783d197bc54221eb220f48dcd07
- SHA512
  
  75afdced01f933823ed37e2f3b6d2296421e255c170372d96799e81ef702ab9539d924f5851e3553cc13b6afa0ae0c9d7686513dd3287cd6eae88aa88b7166ff
- SSDEEP
  
  196608:Ypk+8bgSAY3rVUsUCi7mh4JlLFr2XrJP45CaTO7x8kaN9Sb+g896tJONKUfg9r0:lgSAY3rVUdC54JlLIX1sT2x8kPiV96tw
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

© 2018-2025

Terms | Privacy