lumma | 0014ec684f5a1063bdc5a9e87009ec8dd31d95624cd8b28907adcbacce1eae76

General

Target

SecuriteInfo.com.W64.Agent.VY.tr.12188.8697.exe
Size

8.1MB
Sample

240819-v793dsxcnh
MD5

d4fca59c99d8d70aca5744d147e37c03
SHA1

0ed1cf14ece0b5569a0bdf35d4504b5eaa98a64d
SHA256

0014ec684f5a1063bdc5a9e87009ec8dd31d95624cd8b28907adcbacce1eae76
SHA512

114c1e2286ff359dbcf8eb0363b9aced4bea5120b54c6bb60f169ce917400ca9fc998453d72f09cbe26e5d54cc613426bab7626182a10953fbc3695ecd13a65b
SSDEEP

49152:lFbWnXBu17RAV17vstEd7CmQqzuvrv59XNeV9e6kXKwD5EXhXwHxVFfMotNXiLfB:bWulTaQNNVD5cXqFhNjERbvNcrLho

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://torubleeodsmzo.shop/api

https://potentioallykeos.shop/api

https://interactiedovspm.shop/api

https://charecteristicdxp.shop/api

https://cagedwifedsozm.shop/api

https://deicedosmzj.shop/api

https://southedhiscuso.shop/api

https://consciousourwi.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  SecuriteInfo.com.W64.Agent.VY.tr.12188.8697.exe
- Size
  
  8.1MB
- MD5
  
  d4fca59c99d8d70aca5744d147e37c03
- SHA1
  
  0ed1cf14ece0b5569a0bdf35d4504b5eaa98a64d
- SHA256
  
  0014ec684f5a1063bdc5a9e87009ec8dd31d95624cd8b28907adcbacce1eae76
- SHA512
  
  114c1e2286ff359dbcf8eb0363b9aced4bea5120b54c6bb60f169ce917400ca9fc998453d72f09cbe26e5d54cc613426bab7626182a10953fbc3695ecd13a65b
- SSDEEP
  
  49152:lFbWnXBu17RAV17vstEd7CmQqzuvrv59XNeV9e6kXKwD5EXhXwHxVFfMotNXiLfB:bWulTaQNNVD5cXqFhNjERbvNcrLho
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2