lumma | 4dce4b8e82d08c5714447cbad8fe62c4576f2362715bfeb4876c0bd07f90f239 | Triage

Sharing

General

Target

4dce4b8e82d08c5714447cbad8fe62c4576f2362715bfeb4876c0bd07f90f239
Size

5.7MB
Sample

240418-2jwcnagg94
MD5

7749ef190d55e7cebfe8a345a5ed3756
SHA1

4918fa5ab5e2ad4022c7c87abac995823636ed3b
SHA256

4dce4b8e82d08c5714447cbad8fe62c4576f2362715bfeb4876c0bd07f90f239
SHA512

e7966823db1867326bb911c8f0ab6d91c0b4743d013035bf75ef45a818ed145bdca227dbc578f9d39246a48ba482390de40bbbe60950afe7f41d03814ec9afc3
SSDEEP

49152:73UVYQ6WKxmWHwTr6RmWQdqzDyfaOk8dHTwhPfYESvLiPLjs5EVx3bMkh7fCazJq:Xmew/fWhHmdHkKvHEVvui4e5H+e

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://greetclassifytalk.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  4dce4b8e82d08c5714447cbad8fe62c4576f2362715bfeb4876c0bd07f90f239
- Size
  
  5.7MB
- MD5
  
  7749ef190d55e7cebfe8a345a5ed3756
- SHA1
  
  4918fa5ab5e2ad4022c7c87abac995823636ed3b
- SHA256
  
  4dce4b8e82d08c5714447cbad8fe62c4576f2362715bfeb4876c0bd07f90f239
- SHA512
  
  e7966823db1867326bb911c8f0ab6d91c0b4743d013035bf75ef45a818ed145bdca227dbc578f9d39246a48ba482390de40bbbe60950afe7f41d03814ec9afc3
- SSDEEP
  
  49152:73UVYQ6WKxmWHwTr6RmWQdqzDyfaOk8dHTwhPfYESvLiPLjs5EVx3bMkh7fCazJq:Xmew/fWhHmdHkKvHEVvui4e5H+e
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2