lumma | f2f85ae10dfe99a21180c7cd7eaff45454a41c0311d23088fdba0a7452fb53f5

General

Target

Setup_x32_x64.exe
Size

30.0MB
Sample

240726-ycf3lstcma
MD5

5810826bfc5649f704b35b6be3f7955d
SHA1

573d7dd1d7d10d35845ca04ef64206ebb161141d
SHA256

f2f85ae10dfe99a21180c7cd7eaff45454a41c0311d23088fdba0a7452fb53f5
SHA512

867ef8b570d4cb81cff8f756a0ed24d5d2b4d8955576727c2802c6a0a945e965be88aa70d81c4d2690c6c2e06c740d970976213c08722969b98f4eda88787d5e
SSDEEP

196608:UVvpshEmEO1iGZBTpcB8GV5rVSAmCivFjSkCWk4CX4h:UWEm7iEpYZsAmCidjfCX4h

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://spackledzpxs.shop/api

https://applyzxcksdia.shop/api

https://replacedoxcjzp.shop/api

https://declaredczxi.shop/api

https://catchddkxozvp.shop/api

https://arriveoxpzxo.shop/api

https://contemplateodszsv.shop/api

https://bindceasdiwozx.shop/api

https://conformfucdioz.shop/api

Extracted

Family

lumma

C2

https://spackledzpxs.shop/api

https://applyzxcksdia.shop/api

Targets

- Target
  
  Setup_x32_x64.exe
- Size
  
  30.0MB
- MD5
  
  5810826bfc5649f704b35b6be3f7955d
- SHA1
  
  573d7dd1d7d10d35845ca04ef64206ebb161141d
- SHA256
  
  f2f85ae10dfe99a21180c7cd7eaff45454a41c0311d23088fdba0a7452fb53f5
- SHA512
  
  867ef8b570d4cb81cff8f756a0ed24d5d2b4d8955576727c2802c6a0a945e965be88aa70d81c4d2690c6c2e06c740d970976213c08722969b98f4eda88787d5e
- SSDEEP
  
  196608:UVvpshEmEO1iGZBTpcB8GV5rVSAmCivFjSkCWk4CX4h:UWEm7iEpYZsAmCidjfCX4h
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2