lumma | e1f5cdb992e13792f7a604311c1294f8d1f65ae97fa41a931082c22561b11ff2 | Triage

Sharing

General

Target

Setup.exe
Size

497KB
Sample

240801-zmzhdazhke
MD5

e540e0209ceeed496ece4958b387ff31
SHA1

7b2b9419613073b758db9b65b8e12cca0b0da8f7
SHA256

e1f5cdb992e13792f7a604311c1294f8d1f65ae97fa41a931082c22561b11ff2
SHA512

609cd91e4c4c21ad486676e9b973683015c1cf315a91055e5ce1d313d88a8ed3124e8b8db8dd8f7b0ac6ac155bafe843e81e87cda777518c607041bc9b59d34c
SSDEEP

12288:OcXeTktD9Rt55DbYezjNLIK2FeVqSwYz3BYirOTyw5hS:OHTk/5lZZLIGqSnjBpOewX

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  497KB
- MD5
  
  e540e0209ceeed496ece4958b387ff31
- SHA1
  
  7b2b9419613073b758db9b65b8e12cca0b0da8f7
- SHA256
  
  e1f5cdb992e13792f7a604311c1294f8d1f65ae97fa41a931082c22561b11ff2
- SHA512
  
  609cd91e4c4c21ad486676e9b973683015c1cf315a91055e5ce1d313d88a8ed3124e8b8db8dd8f7b0ac6ac155bafe843e81e87cda777518c607041bc9b59d34c
- SSDEEP
  
  12288:OcXeTktD9Rt55DbYezjNLIK2FeVqSwYz3BYirOTyw5hS:OHTk/5lZZLIGqSnjBpOewX
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer