lumma | 940c1abb65e2518711e47202e4dc8525aa7c8e895eb80a5b1ed2ae20f0c5eeb3 | Triage

Submit
Reports

Overview

overview

Static

static

4

Set-up.exe

windows7-x64

Set-up.exe

windows10-2004-x64

Sharing

General

Target

#Pa$$w0rD__6678--0peɴ_Set-Up@#.7z
Size

10.2MB
Sample

250130-kmwddsyjej
MD5

1d0bc4361480f653c940e00c8a2ea8f0
SHA1

63c43265dc819da9e4b856f3c3cc1385035d3a2d
SHA256

940c1abb65e2518711e47202e4dc8525aa7c8e895eb80a5b1ed2ae20f0c5eeb3
SHA512

08427be75e0c79c5271d9c2467fa341a7fab43d8a2c940301adc0d6f72d7b1d6e63ac5a39d779fb81638f4f6bc0696a9abd6cddf7a29144d8a5b49c648b94d95
SSDEEP

196608:rTq46sUCFZHIRF4lTDdUu23/aX3JneNkLZsiio3dwGxm+fuz:rTq4Ec2RFmUxvapnYkLCiZtwENM

Score

10^/10

lumma discovery link pdf stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Set-up.exe

Resource

win7-20240903-en

lumma discovery stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Set-up.exe

Resource

win10v2004-20250129-en

lumma discovery stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://warmconfuse.biz/api

https://toppyneedus.biz/api

Targets

- Target
  
  Set-up.exe
- Size
  
  80.0MB
- MD5
  
  ad357b13635d86920b9d1b010c988695
- SHA1
  
  055227c79d141a1dd2d971868a68625ce46ada65
- SHA256
  
  a085fc669f08a141040364f1a57bbaf323e147c6f3994f8fe1eabbc49f627fb7
- SHA512
  
  1b567746abb360d576060c8033abace8df8e97331978e60e5e452c2e4b6e07b97a715b5a072a4050e8dc78f3b64c47a55293aebabdaba0e59a396d8d668bbcef
- SSDEEP
  
  24576:1x/ma9CefrwEKy9iF/9U+ndQwmunIW/4znJY/34L8rzLD3Z2U6vhvVL:h9TwEKEk/mcL6bznmv4L8XLzih1
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

© 2018-2025

Terms | Privacy