lumma | hxxps://bing[.]com | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://bing.com

windows10-1703-x64

Resubmissions

29-04-2024 08:42

240429-kma3fseh51 10

28-04-2024 12:51

240428-p3kdaagb82 6

28-04-2024 12:50

240428-p3c9zagb79 1

28-04-2024 12:50

240428-p2xxzsge81 1

27-04-2024 12:26

240427-pmpcasba9v 10

25-04-2024 15:48

240425-s8x34scc35 10

24-04-2024 16:46

240424-t97jlsdd7t 10

24-04-2024 12:25

240424-pllj1shg8y 10

23-04-2024 15:49

240423-s9tgbahf57 10

23-04-2024 10:17

240423-mbcg9afd94 1

Sharing

General

Target

https://bing.com
Sample

240420-j85nhsda9w

Score

10^/10

lumma stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://bing.com

Resource

win10-20240404-en

windows10-1703-x64

23 signatures

1800 seconds

Malware Config

Extracted

Family

lumma

C2

https://mazefearcontainujsy.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  https://bing.com
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

© 2018-2024

Terms | Privacy