lumma | 661c81a13203979c3fdfb03507fadd67733e3d9790b9398c3c3f727000f37df8

General

Target

2024-08-25_4e944ca93a6cf864b5c5ca0549dcfd1b_poet-rat_snatch
Size

20.0MB
Sample

240825-lr9l9axfjb
MD5

4e944ca93a6cf864b5c5ca0549dcfd1b
SHA1

13c4fe6d01f9e54dec1529943e038090958b803c
SHA256

661c81a13203979c3fdfb03507fadd67733e3d9790b9398c3c3f727000f37df8
SHA512

3cd33b5f62de21ff445dac5a2f7fa991dfa646940e85f69de7297bd83faceeb0745a70eec3ea64573e34a9c703710438e845a4fc5ad149b33866e5e6a15d1540
SSDEEP

98304:ZWPbtXchTsF7JFrsQE5nl7j1/96FAfht7yQy+pwfVdTbFFWmL2sGEZqR/8UPV+B3:oJJ14lF/96GfHWQsdtEPFE5uUEJnw

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://greetycruthsuo.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

https://condedqpwqm.shop/api

https://millyscroqwp.shop/api

https://stagedchheiqwo.shop/api

https://stamppreewntnq.shop/api

https://caffegclasiqwp.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  2024-08-25_4e944ca93a6cf864b5c5ca0549dcfd1b_poet-rat_snatch
- Size
  
  20.0MB
- MD5
  
  4e944ca93a6cf864b5c5ca0549dcfd1b
- SHA1
  
  13c4fe6d01f9e54dec1529943e038090958b803c
- SHA256
  
  661c81a13203979c3fdfb03507fadd67733e3d9790b9398c3c3f727000f37df8
- SHA512
  
  3cd33b5f62de21ff445dac5a2f7fa991dfa646940e85f69de7297bd83faceeb0745a70eec3ea64573e34a9c703710438e845a4fc5ad149b33866e5e6a15d1540
- SSDEEP
  
  98304:ZWPbtXchTsF7JFrsQE5nl7j1/96FAfht7yQy+pwfVdTbFFWmL2sGEZqR/8UPV+B3:oJJ14lF/96GfHWQsdtEPFE5uUEJnw
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2