lumma | 8d4f3d42bbc1b0df52d15930475f19fc43c5f622ecc8d9e9ced3473096ebe697 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.InjectNET.17.22463.10190.exe
Size

13KB
Sample

240825-vb9rratgkd
MD5

7f6a8b1d6c59590e8adf10eb2941399f
SHA1

211011033999d21b16f30c544bbecf39409a8864
SHA256

8d4f3d42bbc1b0df52d15930475f19fc43c5f622ecc8d9e9ced3473096ebe697
SHA512

f3a0c84751fb9735eb93ed4ef4318c80a320606bb74bb7be4006b2643a6a763d22f11a98a91694bce42cafee72e57885794c558a5be168bf9ec8d2e30b98c3e6
SSDEEP

384:47/1TebgAciVU6c35z1R5Mq32V78QbTf6Q:4T1TeR05xoXbTff

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://miracledzmnqwui.shop/api

https://potentioallykeos.shop/api

Targets

- Target
  
  SecuriteInfo.com.Trojan.InjectNET.17.22463.10190.exe
- Size
  
  13KB
- MD5
  
  7f6a8b1d6c59590e8adf10eb2941399f
- SHA1
  
  211011033999d21b16f30c544bbecf39409a8864
- SHA256
  
  8d4f3d42bbc1b0df52d15930475f19fc43c5f622ecc8d9e9ced3473096ebe697
- SHA512
  
  f3a0c84751fb9735eb93ed4ef4318c80a320606bb74bb7be4006b2643a6a763d22f11a98a91694bce42cafee72e57885794c558a5be168bf9ec8d2e30b98c3e6
- SSDEEP
  
  384:47/1TebgAciVU6c35z1R5Mq32V78QbTf6Q:4T1TeR05xoXbTff
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer