lumma | a2c44982ed5a887c9ee4b85adbe0bfa381af6f54a1e8af0b739a2ecebc0e2271 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20240901bc178b716c83296a3f5397485cb6f9e7poetratsnatch
Size

13.5MB
Sample

240901-pkkw4a1cje
MD5

bc178b716c83296a3f5397485cb6f9e7
SHA1

c3f3055e56bba2cef6a47c10f436f7d342361bca
SHA256

a2c44982ed5a887c9ee4b85adbe0bfa381af6f54a1e8af0b739a2ecebc0e2271
SHA512

9a17e9ac7f72309ab54ab4c0a4ab4cab2bfe4a59930de68e8d252e9cec4dd1b8748eaf00bf8b75e4c27ae56e2f848e30783257019a398dc005826adb65f12607
SSDEEP

98304:nz7i6E9crf7Wftn/MgXOyAibT3AJu9PN9V0gV92n1E+xgBGwT+k:q6QqgnAS0JudN9eCEOS

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://circullateiosn.shop/api

Targets

- Target
  
  20240901bc178b716c83296a3f5397485cb6f9e7poetratsnatch
- Size
  
  13.5MB
- MD5
  
  bc178b716c83296a3f5397485cb6f9e7
- SHA1
  
  c3f3055e56bba2cef6a47c10f436f7d342361bca
- SHA256
  
  a2c44982ed5a887c9ee4b85adbe0bfa381af6f54a1e8af0b739a2ecebc0e2271
- SHA512
  
  9a17e9ac7f72309ab54ab4c0a4ab4cab2bfe4a59930de68e8d252e9cec4dd1b8748eaf00bf8b75e4c27ae56e2f848e30783257019a398dc005826adb65f12607
- SSDEEP
  
  98304:nz7i6E9crf7Wftn/MgXOyAibT3AJu9PN9V0gV92n1E+xgBGwT+k:q6QqgnAS0JudN9eCEOS
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer