lumma | 67fcab0ea895e69d884bf283088d75a4051062b3c5c028325042fe2d13af52d8 | Triage

Sharing

General

Target

Insomnia.exe
Size

533KB
Sample

240524-wja4tsea2t
MD5

03a847ab7c37c2afc5153913ff897be3
SHA1

e9a9b56bb97a039a6063c7b70d398bf2f0038072
SHA256

67fcab0ea895e69d884bf283088d75a4051062b3c5c028325042fe2d13af52d8
SHA512

ee7750ce6c2497eced516b094e61ff05497bbefb83efaa6fb172e9e02ccc475ad9fbf0f04009921b9e0db538d7a511c7884174955c207292aae0ccc72e8a8791
SSDEEP

12288:RxYEZoQZq11WygpAKRcT3hUVwabQIP+P0Xp:RxY0Zq1KRW3hUuan

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://acceptabledcooeprs.shop/api

https://obsceneclassyjuwks.shop/api

https://zippyfinickysofwps.shop/api

https://miniaturefinerninewjs.shop/api

https://plaintediousidowsko.shop/api

https://sweetsquarediaslw.shop/api

https://holicisticscrarws.shop/api

https://boredimperissvieos.shop/api

Targets

- Target
  
  Insomnia.exe
- Size
  
  533KB
- MD5
  
  03a847ab7c37c2afc5153913ff897be3
- SHA1
  
  e9a9b56bb97a039a6063c7b70d398bf2f0038072
- SHA256
  
  67fcab0ea895e69d884bf283088d75a4051062b3c5c028325042fe2d13af52d8
- SHA512
  
  ee7750ce6c2497eced516b094e61ff05497bbefb83efaa6fb172e9e02ccc475ad9fbf0f04009921b9e0db538d7a511c7884174955c207292aae0ccc72e8a8791
- SSDEEP
  
  12288:RxYEZoQZq11WygpAKRcT3hUVwabQIP+P0Xp:RxY0Zq1KRW3hUuan
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2