Overview

overview

10

Static

static

1

URLScan

urlscan

https://mega.nz/file...

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    https://mega.nz/file/531lnLZb#dLmxoLZ1aHvB6kjdkogYKxBwUM9h19zG0PVuPGS7VYI

  • Sample

    240803-jpan2a1gqe

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://boillingyskop.shop/api

https://empiredzmwnx.shop/api

https://boattyownerwrv.shop/api

https://rainbowmynsjn.shop/api

https://definitonizmnx.shop/api

https://creepydxzoxmj.shop/api

https://budgetttysnzm.shop/api

https://chippyfroggsyhz.shop/api

https://assumedtribsosp.shop/api

Extracted

Family

lumma

C2

https://boillingyskop.shop/api

https://empiredzmwnx.shop/api

https://boattyownerwrv.shop/api

https://rainbowmynsjn.shop/api

https://definitonizmnx.shop/api

https://creepydxzoxmj.shop/api

https://budgetttysnzm.shop/api

https://chippyfroggsyhz.shop/api

https://assumedtribsosp.shop/api

https://tenntysjuxmz.shop/api

Targets

    • Target

      https://mega.nz/file/531lnLZb#dLmxoLZ1aHvB6kjdkogYKxBwUM9h19zG0PVuPGS7VYI

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks