lumma | 6d374bed2e755bc4a45f1e6ec6997a465be3f425fc27afe3e17a9b5d8e160d38 | Triage

Sharing

General

Target

6d374bed2e755bc4a45f1e6ec6997a465be3f425fc27afe3e17a9b5d8e160d38.exe
Size

295KB
Sample

240819-bzyvlsxbkc
MD5

cecdc6f5ffde0ad1ddc333cc2a59d56e
SHA1

1d05bdb2e7c0eb5b6e5e66ab6ec077dcb97dc79d
SHA256

6d374bed2e755bc4a45f1e6ec6997a465be3f425fc27afe3e17a9b5d8e160d38
SHA512

65a481376fe6395597c0f99435ff1432925b96a3e05ee1918d0c07d1ca951f24cef80ad2823b074b2769d6ffd4db8d8974b1f74f8d512b6f8f794b1e87809bfd
SSDEEP

6144:i7ggit9uWKxuASDXAbPn4r/HogCVKmKpisQEkQ:i0gPuASk4ogkuQEk

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://revivewronggykwos.xyz/api

https://applyzxcksdia.shop/api

https://replacedoxcjzp.shop/api

https://declaredczxi.shop/api

https://catchddkxozvp.shop/api

https://arriveoxpzxo.shop/api

https://contemplateodszsv.shop/api

https://bindceasdiwozx.shop/api

https://conformfucdioz.shop/api

Extracted

Family

lumma

C2

https://tenntysjuxmz.shop/api

Targets

- Target
  
  6d374bed2e755bc4a45f1e6ec6997a465be3f425fc27afe3e17a9b5d8e160d38.exe
- Size
  
  295KB
- MD5
  
  cecdc6f5ffde0ad1ddc333cc2a59d56e
- SHA1
  
  1d05bdb2e7c0eb5b6e5e66ab6ec077dcb97dc79d
- SHA256
  
  6d374bed2e755bc4a45f1e6ec6997a465be3f425fc27afe3e17a9b5d8e160d38
- SHA512
  
  65a481376fe6395597c0f99435ff1432925b96a3e05ee1918d0c07d1ca951f24cef80ad2823b074b2769d6ffd4db8d8974b1f74f8d512b6f8f794b1e87809bfd
- SSDEEP
  
  6144:i7ggit9uWKxuASDXAbPn4r/HogCVKmKpisQEkQ:i0gPuASk4ogkuQEk
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer