General

  • Target: 16285d3c4e953dd62009d46507c6ffe6a113f55345a9edb3e09fba72518dd6dc.zip
  • Size: 13.0MB
  • Sample: 250127-1tcgvsxmem
  • MD5: 3d2e00978256d429cd1a1dfe22b1b37b
  • SHA1: 44fcb1f0ea9601f9dad9ef8823838a487614232f
  • SHA256: 16285d3c4e953dd62009d46507c6ffe6a113f55345a9edb3e09fba72518dd6dc
  • SHA512: a7dcb69a93767e5eedfeec200518da93524aa52c5ca38c692ef9d9c54af0b51db20d3cfb2c9ccfe3f56eb071c75f37493ed5041a0c480fe65e1d2622ec6379f2
  • SSDEEP: 196608:glyefQe7zhSUhSs99Y+FiftMp7qES3EHogEg5b9NZgKIYvfW1K9msiIO2ghA21:fADj99T0C9eEzP9N+Kd+okSy71

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

    • Target: bewerbungsmaster.professional.german.incl.keygen.rar.exe
    • Size: 911.2MB
    • MD5: 59ba9c00cb882b6ccfccbd733a018b6d
    • SHA1: 615c92841b1e4f11121770d6e7e347e64457ad05
    • SHA256: a103c50ea0998add632a7e4341a121f6b939c40cdce6ef828d2ef30c1275499a
    • SHA512: cdcde37f5889b00665d380eb5ff1ce1d21473564c1d3eab60d441d8c31a9d11c2029f69fab503506d6b08b2fecedc9506e5f5e92c16b430c104222fe565fd69c
    • SSDEEP: 196608:656eBi63yD94k9OaSDmNz74e/E4agGW0PoNyqyv0kOVmA/kz7QAbslkF074+tLF+:zDD9fYajdXJkOVJkzCK074+tJfsU682

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks