lumma | 0069062fe6230e10aaf3c810c471725e963b4b47ea094328681de072a8ffa6f3

General

Target

Game_Setup v5.11.zip
Size

42.3MB
Sample

240801-1dhc6sxajq
MD5

3996177191708b4c311e0d6f5577a2e1
SHA1

36983c32342d7e92c5d681a7316c3555f1e82ec2
SHA256

0069062fe6230e10aaf3c810c471725e963b4b47ea094328681de072a8ffa6f3
SHA512

b2d654587059b359bf2d833858f8234071d093b4ed09e628559cff57a60cad211e3c5a54ac6304566a04cdda3627fb2296a9db962e525ac9ecf81edc18ef0883
SSDEEP

786432:c52QoF4U20MZ1JY35ZKYBvUHzWdENtXDUkE+HJQkBoLFCWIL6o9/IgyJzMxu:y2K0p5pBcptTlHekiC7me/IJ6c

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://illnesmunxkza.shop/api

https://shelterryujxo.shop/api

https://chequedxmznp.shop/api

https://triallyforwhgh.shop/api

https://shootydowtqosm.shop/api

https://faceddullinhs.shop/api

https://egorepetiiiosn.shop/api

https://ammycanedpors.shop/api

Extracted

Family

lumma

C2

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Game_Setup v5.11.zip
- Size
  
  42.3MB
- MD5
  
  3996177191708b4c311e0d6f5577a2e1
- SHA1
  
  36983c32342d7e92c5d681a7316c3555f1e82ec2
- SHA256
  
  0069062fe6230e10aaf3c810c471725e963b4b47ea094328681de072a8ffa6f3
- SHA512
  
  b2d654587059b359bf2d833858f8234071d093b4ed09e628559cff57a60cad211e3c5a54ac6304566a04cdda3627fb2296a9db962e525ac9ecf81edc18ef0883
- SSDEEP
  
  786432:c52QoF4U20MZ1JY35ZKYBvUHzWdENtXDUkE+HJQkBoLFCWIL6o9/IgyJzMxu:y2K0p5pBcptTlHekiC7me/IJ6c
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  Config/audit/updater.exe
- Size
  
  97.2MB
- MD5
  
  f44a50c4c1822e9682a03629665a31e4
- SHA1
  
  380fdd98683450d0a59d904aca7a190534b34db2
- SHA256
  
  ddb47ac9f17f6ef351f59cd2c8ef54ccf240f918681034b1a9d6fa358780dc07
- SHA512
  
  3e39e32f0c8e51825847fd429b2c46b8362af75cf1d2d59fcd1c595a8caec052e47bc39488ad7d82c3abcd2af71a9a2ec471529ab5a856885ce08f3f77c767ce
- SSDEEP
  
  786432:Fjq3rM8Hqm5iY6tKq+V5ERl5dDWfMMCi5/I9qJwh5I1u75:Fjq3zo5ldkdXJu5
Score

1^/10
behavioral2
- Target
  
  Setup.exe
- Size
  
  17.1MB
- MD5
  
  747156a7bd20687ec90ae3e264247272
- SHA1
  
  04e0b441b0be4e108b76a57e7485d2b9cbe269d3
- SHA256
  
  55a2a16dbb85ed544d609fb33918b342cb1831bbca1e090abd51620354116981
- SHA512
  
  c5a40701e01e53499108203120c63cf428a10c71de20c6200ac087becce84605efe3c7f4cbafbe93ea8197dba23a6b1ff569d1976e073e9dbc1d23cbbafbb0d1
- SSDEEP
  
  98304:1O68R5feuenTuWjTuwAlval9bAmEmCVkzioZJ9wJEjETkmg:MOuenTuWjiRval9bAmCVu3gTRg
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3