General
- Target: 🗃️ 𝕤𝕖𝕥𝕦𝕡 ≺.exe
- Size: 1.1MB
- Sample: 250704-xqcfxadk9y
- MD5: ae736582b5692d6e72f601ec5762e49f
- SHA1: 6703f13c7039247263ddcbbff5fce3e91366eb16
- SHA256: bdfa2e291431585fc94280f0cacd6f7bc1baae9a78842093610569956abdf04b
- SHA512: 83acdab84ad71b0dc02883c0b6c8bff42879a68574b2d52af28428d6b5a10cff075babdd33329e80041b6b36271053f953478168cfdf9fcd9713b759de50a4fa
- SSDEEP: 24576:70a2klZwdujxf/Rzvqr4nirZsFbKRZYoeiu49vfX583d:7YgZAYfZzaSboZYBiuwX58
Static task: static1
Behavioral task: behavioral1
- Sample: 🗃️ 𝕤𝕖𝕥𝕦𝕡 ≺.exe
- Resource: win10ltsc2021-20250619-en
Malware Config
Extracted family: lumma
- C2 URLs:
  https://t.me/sadwq223123asdsad
  https://giyewf.shop/gbtw
  https://ycvduc.xyz/trie
  https://nbcsfar.xyz/tpxz
  https://unurew.xyz/anhd
  https://trsuv.xyz/gait
  https://sqgzl.xyz/taoa
  https://cexpxg.xyz/airq
  https://urarfx.xyz/twox
  https://liaxn.xyz/nbzh
- build_id: a08e63d8a74019f197ce72190b543d73de55ef1673
Targets
- Target: 🗃️ 𝕤𝕖𝕥𝕦𝕡 ≺.exe
- Size: 1.1MB
- MD5: ae736582b5692d6e72f601ec5762e49f
- SHA1: 6703f13c7039247263ddcbbff5fce3e91366eb16
- SHA256: bdfa2e291431585fc94280f0cacd6f7bc1baae9a78842093610569956abdf04b
- SHA512: 83acdab84ad71b0dc02883c0b6c8bff42879a68574b2d52af28428d6b5a10cff075babdd33329e80041b6b36271053f953478168cfdf9fcd9713b759de50a4fa
- SSDEEP: 24576:70a2klZwdujxf/Rzvqr4nirZsFbKRZYoeiu49vfX583d:7YgZAYfZzaSboZYBiuwX58

- Lumma family
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Deletes itself
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates processes with tasklist
MITRE ATT&CK Enterprise v16
Defense Evasion
- Modify Registry (1)
- Subvert Trust Controls (1)
- Install Root Certificate (1)
Credential Access
- Credentials from Password Stores (1)
- Credentials from Web Browsers (1)
- Unsecured Credentials (3)
- Credentials In Files (3)