lumma | cc6e1bd7ebe5a39b4d45c92b4d8d7a70509a74ea5ee29a4a79a601ed2ff8392e | Triage

Sharing

General

Target

804b1a320ca4610b1e44af97fd9c295a.bin
Size

373KB
Sample

240419-bv9fjsdg9t
MD5

d7977a518984441855e30cda1c3ff0d0
SHA1

2d4a92f18da209a7ad6315ea8166cc7d019fb932
SHA256

cc6e1bd7ebe5a39b4d45c92b4d8d7a70509a74ea5ee29a4a79a601ed2ff8392e
SHA512

691ca7d9ec524be839afbbb64a8656f58d01f4e4f6687e2e498250d958a6602876c9ad58783543a905ad0561070fb98218fb652b6ea6daa3a2eb9fc31110b207
SSDEEP

6144:oplBeBF5S36VTi9/ydP7vl7sDnfWg8RqTz1Cid2i:oplBeBF52GIyPLaDnP8RqHQi

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8.exe
- Size
  
  422KB
- MD5
  
  804b1a320ca4610b1e44af97fd9c295a
- SHA1
  
  5be4e86aa94c00cc0fb69292b71ce2581493b144
- SHA256
  
  9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8
- SHA512
  
  fdd88ccf44b3e0c27c022bd9e936f05cae73a260e408078a18ae9b8995451a8d7bb677d152c79e0e70c41bf66439530b03b707fdad3826c5edfc745452a62b8c
- SSDEEP
  
  12288:qy3q/jkZxUcjAWlwTfTLqREbVd09PSVk4po:LqbkZ3ObiRmd00S
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2