lumma | 38c4626697bece1ce2266633a4df1529b9090a538c9751fedfa89bcfbe0f957e | Triage

Resubmissions

18-04-2024 13:53

240418-q62bmseh86 10

Sharing

General

Target

spoofer.exe
Size

304KB
Sample

240418-q62bmseh86
MD5

01c62c914f47273aa259f018ff2d2cf5
SHA1

6b692198f3d97a95ffecb320a7b6ccb05e2d1f7d
SHA256

38c4626697bece1ce2266633a4df1529b9090a538c9751fedfa89bcfbe0f957e
SHA512

5d5cbef10973551032d05f21235626ee6300ac40eeab42ed7996b9edb824874d5fdfcb0c7cc36d02a5a59c01e651eec9645fa80faceab998c7ea23df10a6722e
SSDEEP

6144:vKC69Wu6YlTFQbIjUzEngrtcYbTUYWWYQSdndHPzoOCPaq9sbgABl:iCs6YZFQEOEnItiQStdHbz3zN

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  spoofer.exe
- Size
  
  304KB
- MD5
  
  01c62c914f47273aa259f018ff2d2cf5
- SHA1
  
  6b692198f3d97a95ffecb320a7b6ccb05e2d1f7d
- SHA256
  
  38c4626697bece1ce2266633a4df1529b9090a538c9751fedfa89bcfbe0f957e
- SHA512
  
  5d5cbef10973551032d05f21235626ee6300ac40eeab42ed7996b9edb824874d5fdfcb0c7cc36d02a5a59c01e651eec9645fa80faceab998c7ea23df10a6722e
- SSDEEP
  
  6144:vKC69Wu6YlTFQbIjUzEngrtcYbTUYWWYQSdndHPzoOCPaq9sbgABl:iCs6YZFQEOEnItiQStdHbz3zN
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1