lumma | e384c29b08a19b19ef8d0ee44cf7198229167e02fd926e2f2e3171fc70887ddc | Triage

Sharing

General

Target

e384c29b08a19b19ef8d0ee44cf7198229167e02fd926e2f2e3171fc70887ddc.dll
Size

525KB
Sample

240806-c17pks1cje
MD5

bc63b64cea0ebebeaa81ad3232b458cf
SHA1

7ff599b7dca5d75ca6fba2d25521ce2c103eb3d2
SHA256

e384c29b08a19b19ef8d0ee44cf7198229167e02fd926e2f2e3171fc70887ddc
SHA512

c5616c51f622bae5c01141a6c50b877e59dd99e5989b3ecfa70d1e46074ed8fdd2d865222b3d63691192912b4d5273703ccab201294566d13800258ede3ec4f3
SSDEEP

12288:kUMR3QzWv8l0t+uYRsXuV93OSQQrbLWKAy8:kUMLElvRh9yQrbL1Ay8

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://clouddycuiomsnz.shop/api

https://chippyfroggsyhz.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  e384c29b08a19b19ef8d0ee44cf7198229167e02fd926e2f2e3171fc70887ddc.dll
- Size
  
  525KB
- MD5
  
  bc63b64cea0ebebeaa81ad3232b458cf
- SHA1
  
  7ff599b7dca5d75ca6fba2d25521ce2c103eb3d2
- SHA256
  
  e384c29b08a19b19ef8d0ee44cf7198229167e02fd926e2f2e3171fc70887ddc
- SHA512
  
  c5616c51f622bae5c01141a6c50b877e59dd99e5989b3ecfa70d1e46074ed8fdd2d865222b3d63691192912b4d5273703ccab201294566d13800258ede3ec4f3
- SSDEEP
  
  12288:kUMR3QzWv8l0t+uYRsXuV93OSQQrbLWKAy8:kUMLElvRh9yQrbL1Ay8
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer