lumma | aeb0d6cbcb89fc447e474619eec757e2034fdac3c49e04fe7f18abb7d5dcdaf8 | Triage

Sharing

General

Target

!Set-U𝕡--4177__!P𝓪$$C0𝓓𝐸#.7z
Size

1.3MB
Sample

250129-esz1watmcp
MD5

12529b237aa63684739a442e1eb0b3ec
SHA1

38caf9f5256acd0aa2b1a614c9188d9b70985381
SHA256

aeb0d6cbcb89fc447e474619eec757e2034fdac3c49e04fe7f18abb7d5dcdaf8
SHA512

2e3950d5562b72fedf6ebfb50a252934082da939f690cd0ac171803071cc5fb8db9fcd76e56c655dc9afc1165fe8581a2402cff23537136dfb19914819ef94a2
SSDEEP

24576:yvff6REftpgpYqThd6woTPl3VU1PnbDVdWSDsMtQ62hEchiSVI1NnX/7DOIHK3BJ:+X1tophRoLlFUZldTDpHO90SVa/7iIqz

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  Se𝓽up__Here/setup.exe
- Size
  
  684.6MB
- MD5
  
  c02cd1b381ad0a9283825004d552954d
- SHA1
  
  f714345eb3e65402822586dc584637d770a53c98
- SHA256
  
  fa463ce53647c745aa80597e7feaa70bf9f7569edbd11b7c7664f2c5d0a4012f
- SHA512
  
  50b38a2df9644f338fc9bac8d693dfc904770e4006b8bdfde75a1f04c708e07712968bc016bfbe77c561f91007df7398706be7dfa0bf6286e87f586fd3625d4d
- SSDEEP
  
  49152:YEA9P+bz2cHPcUb6HSb4SOEMkBee7nQckO6bAGx7jXTVz3338FRI6:Y92bz2Eb6pw7B6bAGx7p333SRI6
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer