lumma | 788a22b97ca95c43c8d8e54c1aaec37a71facd2ea5c2f559b59c4491206b59c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

788a22b97ca95c43c8d8e54c1aaec37a71facd2ea5c2f559b59c4491206b59c7
Size

1.0MB
Sample

240507-26nw4add2y
MD5

d83d0466e520b764a808d366f8fb8891
SHA1

a60862513d3b48251681d3a7c0d586418463d9b7
SHA256

788a22b97ca95c43c8d8e54c1aaec37a71facd2ea5c2f559b59c4491206b59c7
SHA512

4bad480363914275d86e049130ae0737dc13a2c4cf234d055ca5a4ba81201f3b7c427c72a1fb80a01caf34068e3b8dafbcfdfeee69d9cf38206dac78c616a29f
SSDEEP

24576:1MwqzRJ1bQrwLeP5aAP1n7T7htBn64EWgYakmfVtjzvEEXCE:1MwyH1bQrwLeP4APlVbSWmk+tjzHyE

Score

10^/10

lumma execution stealer

Malware Config

Extracted

Family

lumma

C2

https://boredimperissvieos.shop/api

https://acceptabledcooeprs.shop/api

https://obsceneclassyjuwks.shop/api

https://zippyfinickysofwps.shop/api

https://miniaturefinerninewjs.shop/api

https://plaintediousidowsko.shop/api

https://sweetsquarediaslw.shop/api

https://holicisticscrarws.shop/api

Targets

- Target
  
  788a22b97ca95c43c8d8e54c1aaec37a71facd2ea5c2f559b59c4491206b59c7
- Size
  
  1.0MB
- MD5
  
  d83d0466e520b764a808d366f8fb8891
- SHA1
  
  a60862513d3b48251681d3a7c0d586418463d9b7
- SHA256
  
  788a22b97ca95c43c8d8e54c1aaec37a71facd2ea5c2f559b59c4491206b59c7
- SHA512
  
  4bad480363914275d86e049130ae0737dc13a2c4cf234d055ca5a4ba81201f3b7c427c72a1fb80a01caf34068e3b8dafbcfdfeee69d9cf38206dac78c616a29f
- SSDEEP
  
  24576:1MwqzRJ1bQrwLeP5aAP1n7T7htBn64EWgYakmfVtjzvEEXCE:1MwyH1bQrwLeP4APlVbSWmk+tjzHyE
Score

10^/10

execution lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Process Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummaexecutionstealer