lumma | b38b757e461bcfc0c2c49277312e7c34ce119d0cc754205d582a91a175a76f48

General

Target

Setup.exe
Size

14.9MB
Sample

240818-wrfpaazemk
MD5

4dc3bc7b716e1e0b1f111ec3b4bb2bc3
SHA1

2f29d4011e9da6f3c0875eb510da9c166b797865
SHA256

b38b757e461bcfc0c2c49277312e7c34ce119d0cc754205d582a91a175a76f48
SHA512

c50b9b47d6b454c37580af3dbc3a4c0b29bf74d7354d8b505aab52182d86cd487155337d4d1600df79b5e9afa6579872ed99282ec5bf362cee42490a6cf6bd31
SSDEEP

98304:sCU+370qFyKGaCYwNkomHEVgyAH7knkT2/7:DA+GaCP3mkVgy

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://circullateiosn.shop/api

https://writerospzm.shop/api

https://deallerospfosu.shop/api

https://bassizcellskz.shop/api

https://languagedscie.shop/api

https://complaintsipzzx.shop/api

https://quialitsuzoxm.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  14.9MB
- MD5
  
  4dc3bc7b716e1e0b1f111ec3b4bb2bc3
- SHA1
  
  2f29d4011e9da6f3c0875eb510da9c166b797865
- SHA256
  
  b38b757e461bcfc0c2c49277312e7c34ce119d0cc754205d582a91a175a76f48
- SHA512
  
  c50b9b47d6b454c37580af3dbc3a4c0b29bf74d7354d8b505aab52182d86cd487155337d4d1600df79b5e9afa6579872ed99282ec5bf362cee42490a6cf6bd31
- SSDEEP
  
  98304:sCU+370qFyKGaCYwNkomHEVgyAH7knkT2/7:DA+GaCP3mkVgy
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2