lumma | ea419e09d5c424522a483230110b80505fe5e3da2d54a2ef023cc7d1e1c6a9dc | Triage

Sharing

General

Target

bc112e03f5bc1eca1e3f630828d17468.bin
Size

3.0MB
Sample

240820-b68nds1frn
MD5

5aa8ace86eb6d531bcf5794600b6ad08
SHA1

bb35cf14f54d7828e3f9f983e464d84ce41c72e6
SHA256

ea419e09d5c424522a483230110b80505fe5e3da2d54a2ef023cc7d1e1c6a9dc
SHA512

ae1c23f0b72e26850fc0c4936baf3d76517dbb7e71dfc137cb8802c94fccc6510de40161b3a0bb18a7edb87ab4a5aa57e5fc5e6991f7b4170a22e9e0ce5dd5b9
SSDEEP

49152:Fb/rFiP2+LclC7RtHDU0zUt/xXzHGt3JQ2YJZkZsyC38yFqOFsQIqlbPaiIjoKhb:1zjle3Y0zUtJXzmBODysyC3DGFNVjJhb

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://polyctendizxcop.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  a7584bfc64ddb62213e3b15f93df12a4db61ee332d24f033982c487fb90d695b.exe
- Size
  
  7.0MB
- MD5
  
  bc112e03f5bc1eca1e3f630828d17468
- SHA1
  
  0bf7005b57804807f38c84690cd607087793c266
- SHA256
  
  a7584bfc64ddb62213e3b15f93df12a4db61ee332d24f033982c487fb90d695b
- SHA512
  
  c83bf61bd332362cdf470b8a0ffdd6ff111ab786b3ebeedaaa82243344ef657c510ecd07497965e15ff7200188337429e95082d60ba779c7d63856f673729fa4
- SSDEEP
  
  49152:clvQaIqIanAEgHwoH/1SyH7R+NXIkGvoxVyOF85J91DpyFQLmWNb4o9jc5EXRXY1:Mv0KnAj3EHq91DpTcEX2nlKkSDH/O
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer