lumma | 3580962e7151aea9507413341558f760c60987546887c85edb3745e4ed844d0a | Triage

Sharing

General

Target

@#!Open_File_2255_Pa$ṣW0rD%$.rar
Size

19.7MB
Sample

240424-m4vjjaha6v
MD5

c2c6fd9beca25d65a7c02a813e852778
SHA1

9842b7b8436af683e396ca9d320f7d491efd0395
SHA256

3580962e7151aea9507413341558f760c60987546887c85edb3745e4ed844d0a
SHA512

34b6dc5b3e776a007006330eee7fb1703d682c21604706594e9463fb93d203a7e5c2fede08b28d13b58d7083ca594a305b788494e0ccf2b0a8768475e4165d5f
SSDEEP

393216:/rqazJxLPyPL0YMa1vDU9JJ/rDkEpGqyuS/uWEFI:/+6T0buywWmI

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://warmstrawcounwyhj.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  2.3MB
- MD5
  
  5d52ef45b6e5bf144307a84c2af1581b
- SHA1
  
  414a899ec327d4a9daa53983544245b209f25142
- SHA256
  
  26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616
- SHA512
  
  458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48
- SSDEEP
  
  49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2