Lumma | Threat Level: critical | Type: Infostealer

Cryptographic Identifiers

SHA25658fa589c19a85c7233e8fb2b2616672a1e6de8902456ddc63f89f6f0563c5ced
MD57b34b00d2cd5678d3b49d56cb1539a5f
File Typeexe
Size372.0 KB
First Seen2025-07-15
File Namedump.bin
Tagsexe, lumma, LummaStealer

Malware Family: Lumma

LummaC2, gelişmiş MaaS infostealer'dır.

TypeInfostealer
Programming LanguageC++
Target PlatformWindows
C2 ProtocolHTTPS
PurposeKapsamlı kimlik bilgisi hırsızlığı
First Seen Year2022
AliasesLummaC2

Threat Indicators (IOC)

  • SHA256: 58fa589c19a85c7233e8fb2b2616672a1e6de8902456ddc63f89f6f0563c5ced
  • MD5: 7b34b00d2cd5678d3b49d56cb1539a5f

You can verify all hash values of this sample on VirusTotal.

System Cleanup Guide

  1. Disconnect the system from the network immediately
  2. Yeni bir cihazdan banka hesabı, sosyal medya ve e-posta şifrelerini değiştirin
  3. Move crypto wallets to a new address and abandon the old ones
  4. Start a full scan with up-to-date antivirus
  5. Clear saved browser passwords and enable 2FA
  6. Sign out of all sessions on every affected service

YARA Rule Hints

rule Lumma_SHA256 {
    meta:
        description = "Lumma sample: 58fa589c19a85c72"
        threat_level = "critical"
        first_seen = "2025-07-15"
    condition:
        hash.sha256(0, filesize) == "58fa589c19a85c7233e8fb2b2616672a1e6de8902456ddc63f89f6f0563c5ced"
}

Lumma — Malware Profile

LummaC2, gelişmiş MaaS infostealer'dır.

Malware Type
Infostealer
Programming Language
C++
C2 Protocol
HTTPS
Target Systems
Windows
Also Known As (AKA)
LummaC2

Capabilities & Behavior

Tarayıcı Kimlik Bilgileri
Çerez Hırsızlığı
Kripto Cüzdan Çalma
Sistem Bilgisi
Ekran Görüntüsü
FTP/SSH İstemci Şifreleri
E-posta İstemcisi Çalma
Veri Sızıntısı

IOC List (2 indicators)

IOC — Lumma
# SHA256 58fa589c19a85c7233e8fb2b2616672a1e6de8902456ddc63f89f6f0563c5ced # MD5 7b34b00d2cd5678d3b49d56cb1539a5f
TypeValueNote
sha256 58fa589c19a85c7233e8fb2b2616672a1e6de8902456ddc63f89f6f0563c5ced Sample:Lumma
md5 7b34b00d2cd5678d3b49d56cb1539a5f Sample:Lumma
Tags
lummainfostealermalwarecriticalsha256hash-analizi