lumma | 2a76913fc75493ada5b7d8b7b65e855a2daff70679da562ca6f1b8864fdabf39 | Triage

Sharing

General

Target

2a76913fc75493ada5b7d8b7b65e855a2daff70679da562ca6f1b8864fdabf39
Size

1.0MB
Sample

240508-2nvxpabe5x
MD5

33b43d3c3ea1d34fac130da3d4534c67
SHA1

30d5641357b9f1d8a7082f6cd555d27f6b873bec
SHA256

2a76913fc75493ada5b7d8b7b65e855a2daff70679da562ca6f1b8864fdabf39
SHA512

1c1df516b5fa9260654729eb3d7bd033ef156a32d598720bdf59f6fc9006f9d545cc9ed1825f8e19373685e5f45723d39457026531b47be42047adbd4fadc615
SSDEEP

24576:VMwGL2XNdGdT4cQqKtGMuEMxtkqvmeVEMdr+TIrpzZmlFB/RMiA6cRDqNp:VMwNNYT4LhtGTBjEMVyIrfmV/Oi5Z

Score

10^/10

lumma execution stealer

Malware Config

Extracted

Family

lumma

C2

https://holicisticscrarws.shop/api

https://acceptabledcooeprs.shop/api

https://obsceneclassyjuwks.shop/api

https://zippyfinickysofwps.shop/api

https://miniaturefinerninewjs.shop/api

https://plaintediousidowsko.shop/api

https://sweetsquarediaslw.shop/api

https://boredimperissvieos.shop/api

Targets

- Target
  
  2a76913fc75493ada5b7d8b7b65e855a2daff70679da562ca6f1b8864fdabf39
- Size
  
  1.0MB
- MD5
  
  33b43d3c3ea1d34fac130da3d4534c67
- SHA1
  
  30d5641357b9f1d8a7082f6cd555d27f6b873bec
- SHA256
  
  2a76913fc75493ada5b7d8b7b65e855a2daff70679da562ca6f1b8864fdabf39
- SHA512
  
  1c1df516b5fa9260654729eb3d7bd033ef156a32d598720bdf59f6fc9006f9d545cc9ed1825f8e19373685e5f45723d39457026531b47be42047adbd4fadc615
- SSDEEP
  
  24576:VMwGL2XNdGdT4cQqKtGMuEMxtkqvmeVEMdr+TIrpzZmlFB/RMiA6cRDqNp:VMwNNYT4LhtGTBjEMVyIrfmV/Oi5Z
Score

10^/10

execution lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Process Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummaexecutionstealer