LummaC2 is a new generation stealer, average knock 75-85%, works even on clean systems, no dependencies (AT ALL), log decryption on the server, build weight 150-300KB, steals Chromium and Mozilla based browsers, steals ~70 browser cryptocurrency and 2FA extensions, has a non-resident Loader, low-level adaptive filegrabber, and the latest unique development – BINARY MORPHER.
LummaC2 is updated literally every two hours, add your specific browser or your specific extension – 2 clicks!
LummaC2 is a new generation stealer, which average response is currently 90%.
• Works on clean systems, no dependencies at all, log decoding completely on server, build weight 150-200KB (depends on cleanup). Steals browsers based on Chromium and Mozilla. Excellent low-level fast file grabber, steals ~70 browser-based cryptocurrencies and 2FA extensions. Аlso has the latest and unparalleled development – a binary morpher!
• LummaC2 updated literally every two hours, add your specific browser or your specific extension – 2 minutes!
• Stealer can be put on your botnet.
• There’s a setting for knocking logs to Telegram.
Technical information:
The language used in development is C
Almost no high-level WINAPI is used
All interaction with the operating system is through low-level wrapper calls, written in ASM, over system calls, no WinAPI, only manual syscall calls
Implemented Heavens Gate technology allowing to switch from WoW64 mode
Where WinAPI is used – its calls are encrypted (read custom GetProcAddress)
All decryption is fully server-side, all data sent by the stealer is decrypted on the server
In order to increase response data is sent in chunks
The weight of the build is 150KB, CRT is present, not turned off, who is very important weight can link CRT from another studio, the weight will decrease, UPX compresses the build to 80KB, but do so do not recommend
Neighbor detection system, traffic quality monitoring system
File grabber also works through low-level system calls
All code is 100% unique (not the paste from other stealers, not even the paste from a previous version of the LummaC stealer)
System calls support ARM, x86, x64 architectures, allowing you to run it even on new macs in virtual Windows machines
Stealer is tested on versions of operating systems ranging from Windows 7 x32 to Windows 11 x64 with the latest updates
•All code on which this product was written is 100% unique! Crypt is mandatory.
FAQ
Question: What happens after my subscription ends?
Answer: If your subscription ends, your traffic will not go anywhere, after the resumption of the subscription, logs during your inactivity will be waiting for you in the panel, this applies to ALL tariff plans.
Question: What guarantee on bounce rate?
A: It is impossible to say for sure at any particular moment, it depends on crypto and on how much time has passed after cleaning. In average on different exchanges and different crypto is 75%.
Question: If I bought some tariff and its price increased during the process, will I pay this difference in price?
Answer: The clients, who bought the tariff the price is not indexed, the prices are indexed only for the new clients.
Question: How often does the cleaning take place?
Answer: We try to clean the build as often as possible. All tariffs except corporate are cleaned every 5 days. Corporate rate is cleaned every 2 days.
Pricing Plans
EXPERIENCED
-Set filters up to 20 pcs.
– Download logs in bulk
– Possibility to upload logs by your search query (for example – only with wallets or only with instagram.com)
– Ability to use search by parameters (country, with or without currency, with a specific filter)
– Ability to clear dumps, dumps statistics on the “quality of logs” page
PRICE: $250/month
PROFESSIONAL
– All features of previous privileges
– Unlimited number of filters
– Logs can be deleted in bulk (by zeroing the counter)
– Share your stats with others
– Logs quality widget available
– Filter widget is available
– Search widened, logs search and downloading is available by request (in cookies/passwords)
– Ability to monitor number of neighbors in logs
– Logs quality rating system available
– All innovations appear here first, then move (or not) to groups below
PRICE: $500/month
CORPORATE
– Previous privileges features
– Ability to install the panel on your server (optional, build updates will come, panel updates will not)
– Dedicated build cleanup line, build is cleaned more often
– Improved bypass of proactive protection (no message LummaC2.exe tries to access password store), build lives longer
– Great for you-know-where point-level security breaches
PRICE: $1.000/month
• Added a system to automatically check hashes of given out files on VirusTotal, whose hash will be found clean:
BAN WITHOUT REFUND (applies to all tariffs)
Update 27.07
One of the updates that seems insignificant from the client side, but gives a very big step forward for those who work with malware and stealers in particular . It’s no secret that the main problem of stealers is that the build begins to die immediately after cleaning and gradually the sound of the once crystal clear build fades away , but what’s even worse is that you have to wait until the cleaning is done . We are fixing this issue. Now, when you click on the build download button, you will always … A randomly generated build will be issued thanks to our morpher . And yes, this is not the source morpher that is optimized during compilation, these are not cheap fakes of competitors, this is a personal development on which we spend a lot of time and money, this is a product of a different quality that allows you to make completely different builds every compilation (they even have different weights). ), so do not confuse this development with, for example, Garble (an obfuscator for Golang, hello to all Go stealers), and now this beast is available in higher plans.
1. Now, when downloading a build in the panel , you will always get a randomly generated build.
2. A general cleaning was carried out for all tariffs.
Update 27.07
One of the updates that seems insignificant from the client side, but gives a very big step forward to those who work with malware and stealers in particular. It’s no secret that the main problem with stealers is that the build starts to die immediately after cleaning and gradually the knock of the once crystal clear build comes to naught , but even worse – you have to wait until the cleaning is done. We fix this problem. Now when you click on the button to download a build you will always … A randomly generated build thanks to our morpher. And yes, this is not the source morpher which is optimized during compilation, this is not cheap knockoffs of competitors, this is a personal development on which we spend a lot of time and money, this is a product of a different quality, which allows you to make completely different builds every compilation (they even have different weights), so do not confuse this development with Garble (obfuscator for Golang, hello to all stealers on Go), and now this beast is available in senior rates.
1. Now when downloading a build in the panel you will always get a randomly generated build.
2. A general cleanup has been done for all tariffs.