lumma | d66b2ae684bd3fcb6e08ae6eef78569bc927d3ee3e04e3c0a4fe9838a7e754d3 | Triage

Sharing

General

Target

d66b2ae684bd3fcb6e08ae6eef78569bc927d3ee3e04e3c0a4fe9838a7e754d3
Size

674KB
Sample

240822-szvlmavbqe
MD5

783070efeeba257cfe69c520fc49e70c
SHA1

24e3153c0432480b9bfc1ef7b6af765a9ae646eb
SHA256

d66b2ae684bd3fcb6e08ae6eef78569bc927d3ee3e04e3c0a4fe9838a7e754d3
SHA512

2d577abbfa5788c82e9f31d6885f6208a4df808f7e88fa1d4d47f3e94eb46cfc08a11ad29701b9505e2a31dcb38debe5a3afdba27f8efc90d66391248be75d45
SSDEEP

12288:ZB3h+Mtc+U2GRNqU45iuECy5hztw3q9AlqPyGW2IqMScipLNFj7i1SybY1536x/x:ZBUSULuXNA5h

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://potentioallykeos.shop/api

Targets

- Target
  
  d66b2ae684bd3fcb6e08ae6eef78569bc927d3ee3e04e3c0a4fe9838a7e754d3
- Size
  
  674KB
- MD5
  
  783070efeeba257cfe69c520fc49e70c
- SHA1
  
  24e3153c0432480b9bfc1ef7b6af765a9ae646eb
- SHA256
  
  d66b2ae684bd3fcb6e08ae6eef78569bc927d3ee3e04e3c0a4fe9838a7e754d3
- SHA512
  
  2d577abbfa5788c82e9f31d6885f6208a4df808f7e88fa1d4d47f3e94eb46cfc08a11ad29701b9505e2a31dcb38debe5a3afdba27f8efc90d66391248be75d45
- SSDEEP
  
  12288:ZB3h+Mtc+U2GRNqU45iuECy5hztw3q9AlqPyGW2IqMScipLNFj7i1SybY1536x/x:ZBUSULuXNA5h
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer