lumma | 2380b9a91c92ba2ab097f7237294d9235970ea3054bd16c7b5aabcbec9c44322 | Triage

Sharing

General

Target

2380b9a91c92ba2ab097f7237294d9235970ea3054bd16c7b5aabcbec9c44322.exe
Size

17.2MB
Sample

240829-sfnnzazcqk
MD5

c304e6d97f3a59f101484c104132c434
SHA1

02eefa0d5e5578406c37d9088be34c844349df01
SHA256

2380b9a91c92ba2ab097f7237294d9235970ea3054bd16c7b5aabcbec9c44322
SHA512

14c239ecf12941dcef6f0ab7e955c942061310dd38b3979fc98a6f76c23c81014d337970c8b4d0ed062fb869fabbf55555a39a8506e66de78502d1b1c41f9394
SSDEEP

98304:apXjB+jkboS06BrHkB1IuCg8CgEkUa9VCzk1K4Yjghio6cWE79DTHA5UiuHRClbm:WQyI3INCgzVCNUhp79o2RClbvO

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://separateedmsqj.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

Targets

- Target
  
  2380b9a91c92ba2ab097f7237294d9235970ea3054bd16c7b5aabcbec9c44322.exe
- Size
  
  17.2MB
- MD5
  
  c304e6d97f3a59f101484c104132c434
- SHA1
  
  02eefa0d5e5578406c37d9088be34c844349df01
- SHA256
  
  2380b9a91c92ba2ab097f7237294d9235970ea3054bd16c7b5aabcbec9c44322
- SHA512
  
  14c239ecf12941dcef6f0ab7e955c942061310dd38b3979fc98a6f76c23c81014d337970c8b4d0ed062fb869fabbf55555a39a8506e66de78502d1b1c41f9394
- SSDEEP
  
  98304:apXjB+jkboS06BrHkB1IuCg8CgEkUa9VCzk1K4Yjghio6cWE79DTHA5UiuHRClbm:WQyI3INCgzVCNUhp79o2RClbvO
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer