lumma | 272ca33f654384f60c3b85e10bbc42e28040b91f5afad104aac3f664f89224c1 | Triage

Sharing

General

Target

Selenium.exe
Size

13KB
Sample

240825-twypjstanf
MD5

068c7a3563810d19a13f39ccc38772a3
SHA1

08ebc997f069c8c0389a7388d682ef1f67b1ad73
SHA256

272ca33f654384f60c3b85e10bbc42e28040b91f5afad104aac3f664f89224c1
SHA512

ae9dfe621bd6cd014b0137a3613c2a49b083e5c56a7e01dd958d3e9642e6e5094c4ee41494111c7ac381e9fb939e79edef6727564743b3eb3fb53a32973d8fd9
SSDEEP

384:s7/1TebgAciVU6c35z1R5Mq3/Vs8QbTf6Q:sT1TeR05xFCbTff

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://miracledzmnqwui.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

https://condedqpwqm.shop/api

https://millyscroqwp.shop/api

https://stagedchheiqwo.shop/api

https://stamppreewntnq.shop/api

https://caffegclasiqwp.shop/api

https://tenntysjuxmz.shop/api

Targets

- Target
  
  Selenium.exe
- Size
  
  13KB
- MD5
  
  068c7a3563810d19a13f39ccc38772a3
- SHA1
  
  08ebc997f069c8c0389a7388d682ef1f67b1ad73
- SHA256
  
  272ca33f654384f60c3b85e10bbc42e28040b91f5afad104aac3f664f89224c1
- SHA512
  
  ae9dfe621bd6cd014b0137a3613c2a49b083e5c56a7e01dd958d3e9642e6e5094c4ee41494111c7ac381e9fb939e79edef6727564743b3eb3fb53a32973d8fd9
- SSDEEP
  
  384:s7/1TebgAciVU6c35z1R5Mq3/Vs8QbTf6Q:sT1TeR05xFCbTff
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2