lumma | 34b36c2fbb7c76464ebd2667b8c478e2e0afb3f93d16f1b68148800bf928fafd

General

Target

Globalhts.exe
Size

14.6MB
Sample

240801-zm2bzawdrm
MD5

0b62676466b00d579c8d0066cc05b5f3
SHA1

f6b9632026c0a38354e493eeb647d4da3c831234
SHA256

34b36c2fbb7c76464ebd2667b8c478e2e0afb3f93d16f1b68148800bf928fafd
SHA512

4a914df1e5cad61d2fafdd8c77bd90ec4c73d1fc44b63e2b09d8ff3d2f813f69b850060094f513e333e3c252c0d140ef5619847bcbbe901e15cdd9d3bdac4ee5
SSDEEP

98304:QMW3sASXhO+rag9YinX6rGHkVtFkdErwwSKcHODpnnP:/XhO+rL3qygkOrw4tDpn

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://toughsnxcmxz.shop/api

https://applyzxcksdia.shop/api

https://replacedoxcjzp.shop/api

https://declaredczxi.shop/api

https://catchddkxozvp.shop/api

https://arriveoxpzxo.shop/api

https://contemplateodszsv.shop/api

https://bindceasdiwozx.shop/api

https://conformfucdioz.shop/api

Extracted

Family

lumma

C2

https://toughsnxcmxz.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Globalhts.exe
- Size
  
  14.6MB
- MD5
  
  0b62676466b00d579c8d0066cc05b5f3
- SHA1
  
  f6b9632026c0a38354e493eeb647d4da3c831234
- SHA256
  
  34b36c2fbb7c76464ebd2667b8c478e2e0afb3f93d16f1b68148800bf928fafd
- SHA512
  
  4a914df1e5cad61d2fafdd8c77bd90ec4c73d1fc44b63e2b09d8ff3d2f813f69b850060094f513e333e3c252c0d140ef5619847bcbbe901e15cdd9d3bdac4ee5
- SSDEEP
  
  98304:QMW3sASXhO+rag9YinX6rGHkVtFkdErwwSKcHODpnnP:/XhO+rL3qygkOrw4tDpn
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2