lumma | edef6777be8dbb15748bcf1332c0a7e49e5d8b8793ff23ccfb41da2d3ff1c0cc

General

Target

edef6777be8dbb15748bcf1332c0a7e49e5d8b8793ff23ccfb41da2d3ff1c0cc
Size

2.7MB
Sample

240711-jbmfnsybld
MD5

0bceb88aed8c6bb2f5d20c050af530b3
SHA1

6ec563e2cc84bd115ca4c325f25860d9c7a57149
SHA256

edef6777be8dbb15748bcf1332c0a7e49e5d8b8793ff23ccfb41da2d3ff1c0cc
SHA512

eb3c3d5622684fa4f2d55b8307d6fef898404382a7fc8f2dc350bf6633cb700e5cae778d3315367f88d2b605ebe71a6d691bfd10b9432ce4c164ada9c85842f4
SSDEEP

49152:c6B7KXGRde2dWchGri7yFjqsh+/Kq6AO96P2up7mnEhyha/h8:c6hKmdPWAx7DK+l6Q6EQX

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://bittercoldzzdwu.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

https://reinforcedirectorywd.shop/api

Targets

- Target
  
  !~!SetUp_2025_Pa$$W0rd$s!!%!~/Setup.exe
- Size
  
  2.2MB
- MD5
  
  d9530ecee42acccfd3871672a511bc9e
- SHA1
  
  89b4d2406f1294bd699ef231a4def5f495f12778
- SHA256
  
  81e04f9a131534acc0e9de08718c062d3d74c80c7f168ec7e699cd4b2bd0f280
- SHA512
  
  d5f048ea995affdf9893ec4c5ac5eb188b6714f5b6712e0b5a316702033421b145b8ee6a62d303eb4576bf8f57273ff35c5d675807563a31157136f79d8a9980
- SSDEEP
  
  49152:rHOut2Bf0ajIM8XEEN6N0rE/I/vqn7krQEQusd5F:VbaMbXbE/I/SnwrQEQusd/
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  !~!SetUp_2025_Pa$$W0rd$s!!%!~/d3dx9_43.dll
- Size
  
  1.9MB
- MD5
  
  520899c7de9df32fc7878eea4df08a72
- SHA1
  
  2e91083d8a53c12c225dc02fea6ad818fc71943a
- SHA256
  
  0820fdafef37cb7fa1ae83d8b1f7c3839c61b6744426831d15c4561468a2e234
- SHA512
  
  61d9fb871e79d6b17dc853cfc7a3f86a9dcd67976f809130b8036e13a62dd1063609061f883c24b28027f3c9faa9bc592168cad2852a333325992cbdeb1f6801
- SSDEEP
  
  24576:JCVU6OIyl2Wy9M3bJ45fPS0zFZghQ6aOiFaKOE31GrvFXl74YZ29X1MDd6olmrBp:J/66l2u45BiNYFrz31Cv3D29kd6kaD
Score

1^/10
behavioral3 behavioral4
- Target
  
  !~!SetUp_2025_Pa$$W0rd$s!!%!~/heartthrob.doc
- Size
  
  77KB
- MD5
  
  42e6685956ce07bdfe900b44dfda8555
- SHA1
  
  29d8ca5bae80f4d1ced66683d2ebd64a90b5eff7
- SHA256
  
  7f4dc10f712c2d0d4ae5f24e3defb4fcbeb1b38a7dd357a7473f954abe8faf0d
- SHA512
  
  4d293d2f298d108afdd854bf43bd1c0bb18a29082c94c7559e667bb0bb155584437cb4d4212a9ca0f19ccab766f5de42ded0d381ec071f193f9db1c1672c2a67
- SSDEEP
  
  1536:02WkXRPQqe0N7OoGvvHDkh9e0rafDfy7RsY3U:3Dh3xsPDUe04LSs+U
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6