lumma | b56ea0bb5fc24ffbe99c8fb8431b88c93d5fed34335bbf76f1d798398d8182bb | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.InjectNET.17.16891.19765.exe
Size

13KB
Sample

240825-vbnjhswcjl
MD5

49b48e143dd4eb70ceca12eab53fdaab
SHA1

2fba7352c80b275d5eec3539e5290406f77861f5
SHA256

b56ea0bb5fc24ffbe99c8fb8431b88c93d5fed34335bbf76f1d798398d8182bb
SHA512

23670a917a90bacec1cf78ca87a4766f94b04bb45a3e34a0dab671956f39763209d4d98f2ae64f62784b9241abab028ae8ce9342b5b6d35da63c6cbcbc4fc732
SSDEEP

384:47/1TebgAciVU6c35z1R5Mq3oVK8QbTf6Q:4T1TeR05xOsbTff

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://miracledzmnqwui.shop/api

https://potentioallykeos.shop/api

Targets

- Target
  
  SecuriteInfo.com.Trojan.InjectNET.17.16891.19765.exe
- Size
  
  13KB
- MD5
  
  49b48e143dd4eb70ceca12eab53fdaab
- SHA1
  
  2fba7352c80b275d5eec3539e5290406f77861f5
- SHA256
  
  b56ea0bb5fc24ffbe99c8fb8431b88c93d5fed34335bbf76f1d798398d8182bb
- SHA512
  
  23670a917a90bacec1cf78ca87a4766f94b04bb45a3e34a0dab671956f39763209d4d98f2ae64f62784b9241abab028ae8ce9342b5b6d35da63c6cbcbc4fc732
- SSDEEP
  
  384:47/1TebgAciVU6c35z1R5Mq3oVK8QbTf6Q:4T1TeR05xOsbTff
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer