General

  • Target

    5ad4ff917923475ef8a6837f749bf0c94b47783f572d70a8846c7cf8022371d5.zip

  • Size

    3.9MB

  • Sample

    250128-g134lszlgw

  • MD5

    88a874326540d5fb7220f95f4391abd2

  • SHA1

    6c2cc87cbd32ca3302ee13af6f29576189b0b297

  • SHA256

    5ad4ff917923475ef8a6837f749bf0c94b47783f572d70a8846c7cf8022371d5

  • SHA512

    82f56f73e381cdddf268f7136e977a4e897fe1b30e77b8f0dabbc6301ffec995343c733f3eb5b721c5fb5dc29c4f70a4ca45debb887345e1ed53f3af0b9abe7f

  • SSDEEP

    98304:+bb975tMPTzcYhh2WJ0lb90ygYwCHRn/DrtFySG18k+to:+l75tM/fhh2W6x07RCxn/SSGe3o

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

    • Target

      0eb44447fe01d942d8972c146a7196f157985e49f780187545bc867992c13577

    • Size

      639.7MB

    • MD5

      6ee335bab5d56ee573caa2c3daf659a6

    • SHA1

      bde5744100faa5ca58fbe49c894cf8815c928dec

    • SHA256

      0eb44447fe01d942d8972c146a7196f157985e49f780187545bc867992c13577

    • SHA512

      bc03e8da6cda348e3c9c436c612c35382ec5dd49ba605f19e67950d865e688f79d192eeb6fa2e5b574d65954aa3b9d93f25b4542e26f211e728f81b6b0a3f177

    • SSDEEP

      98304:bnb95THK/RTSOvdhwpUPTzcAgqAk5Frd1/BpeAM:bx5THKhpvdhwc/cNBk3rdoAM

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks