lumma | hxxps://app[.]mediafire[.]com/4ceffjmo60n3f

Resubmissions

18-04-2024 15:19

240418-sqmjnagf35 10

18-04-2024 15:18

240418-spn14ahf9v 1

Sharing

Copy URL

Twitter E-mail

General

Target

https://app.mediafire.com/4ceffjmo60n3f
Sample

240418-sqmjnagf35

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

https://pushjellysingeywus.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  https://app.mediafire.com/4ceffjmo60n3f
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Executes dropped EXE

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1

behavioral2