General

  • Target

    BoostrappersSv.exe

  • Size

    1.1MB

  • Sample

    250128-amwztazrcz

  • MD5

    363a51e95adbad71753bcb5674316536

  • SHA1

    0e45bc776c0447c348ecd6764c04ecf14a3c6602

  • SHA256

    50053689dc55232b8df6601c03021b8fd62696bdcae3fcc4ab412ff730f24eb2

  • SHA512

    a2c7b3bcc8abf08ed96b5295a17f04c947f01a1b665f016d2a1ff053bce0a366871b687fd9f541f58095ad749f4854db412f4f8fe7c7e5e40e51390a270a38f4

  • SSDEEP

    24576:qwhppQXcyjToPPlBmna4rs+fUfgehHoe02NVO6:LppQMyAPPl0rs+MIehHpnl

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://uprootquincju.shop/api

Targets

    • BoostrappersSv.exe (1.1MB; MD5, SHA1, SHA256, SHA512, SSDEEP and score as listed under General above)

    • Lumma Stealer, LummaC

      Lumma (also tracked as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist
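The behaviours and IOCs listed above (the C2 endpoint, the sample's SHA256, and tasklist being spawned by the sample) map directly onto detection logic a SOC would run over proxy and process-creation telemetry. The following is an added example, not part of the sandbox report; the log lines are constructed in a simplified key=value format and are not output from the analysis run, and only the C2 host, the sample name and the SHA256 are taken from the report.

```python
import re

# IOCs taken from the report above; everything else in this block is illustrative.
C2_HOST = "uprootquincju.shop"
C2_PATH = "/api"
SAMPLE_NAME = "BoostrappersSv.exe"
SAMPLE_SHA256 = "50053689dc55232b8df6601c03021b8fd62696bdcae3fcc4ab412ff730f24eb2"

# Constructed telemetry (not from the sandbox run): a web-proxy log and
# process-creation events, one event per line as "timestamp key=value ...".
PROXY_LOG = """\
2025-01-28T10:01:02Z src=10.0.0.5 method=POST host=uprootquincju.shop path=/api status=200 bytes=512
2025-01-28T10:01:05Z src=10.0.0.5 method=GET host=www.microsoft.com path=/ status=200 bytes=12000
2025-01-28T10:01:09Z src=10.0.0.7 method=POST host=uprootquincju.shop path=/api status=200 bytes=488
"""

PROCESS_LOG = """\
2025-01-28T10:00:58Z host=WS01 parent=explorer.exe image=C:\\Users\\a\\Downloads\\BoostrappersSv.exe sha256=50053689dc55232b8df6601c03021b8fd62696bdcae3fcc4ab412ff730f24eb2
2025-01-28T10:01:00Z host=WS01 parent=BoostrappersSv.exe image=C:\\Windows\\System32\\tasklist.exe sha256=aaaa
2025-01-28T10:02:00Z host=WS02 parent=cmd.exe image=C:\\Windows\\System32\\tasklist.exe sha256=aaaa
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Parse one 'ts key=value ...' line into a dict; the leading timestamp is stored as 'ts'."""
    ts, _, rest = line.partition(" ")
    fields = dict(KV_RE.findall(rest))
    fields["ts"] = ts
    return fields


def parse_log(text):
    """Parse a multi-line log into a list of event dicts, skipping blank lines."""
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def find_c2_beacons(proxy_log):
    """Distinct source IPs that POSTed to the Lumma C2 '/api' endpoint, in the order first seen."""
    seen = []
    for ev in parse_log(proxy_log):
        if (ev.get("host", "").lower() == C2_HOST
                and ev.get("path") == C2_PATH
                and ev.get("method") == "POST"):
            if ev["src"] not in seen:
                seen.append(ev["src"])
    return seen


def find_sample_executions(process_log):
    """(host, image) pairs where the executed file's SHA256 matches the report's sample."""
    return [(ev["host"], ev["image"])
            for ev in parse_log(process_log)
            if ev.get("sha256", "").lower() == SAMPLE_SHA256]


def find_tasklist_from_sample(process_log):
    """Hosts where tasklist.exe was spawned by the sample: the 'Enumerates processes with tasklist' behaviour."""
    return [ev["host"]
            for ev in parse_log(process_log)
            if ev.get("parent", "").lower() == SAMPLE_NAME.lower()
            and ev.get("image", "").lower().endswith("\\tasklist.exe")]


if __name__ == "__main__":
    print("C2 beacons from:", find_c2_beacons(PROXY_LOG))
    print("Sample executed on:", find_sample_executions(PROCESS_LOG))
    print("tasklist spawned by sample on:", find_tasklist_from_sample(PROCESS_LOG))
```

Matching on the parent process rather than on tasklist.exe alone keeps the last rule from firing on every administrator who runs tasklist from a shell (the WS02 line), and hashing the on-disk file rather than trusting the filename means a renamed copy of the sample is still caught by the second rule.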

MITRE ATT&CK Enterprise v15

Tasks