lumma | 5c6cc911640475b3c36b8def6b7d4453693da4a339f5e22e3e4b0b57026e2485 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20240903839ff498cacb88a4ccc11ee96caffc49poetratsnatch
Size

11.6MB
Sample

240903-qz7vvayapp
MD5

839ff498cacb88a4ccc11ee96caffc49
SHA1

650170e6b14cc2edf608b42ac8c6de181f18c044
SHA256

5c6cc911640475b3c36b8def6b7d4453693da4a339f5e22e3e4b0b57026e2485
SHA512

9aa67859b79ed88c796d054d2b31471a444df565b813e55cb1b0a0959be4540860d2d8d245ef56d92df3a40560af892e33c8ea43cc2e1ea90df0b25070523235
SSDEEP

98304:/kmuMaM/kXve3NdGaNdNj8YGlaEDUq2OxHTRpe5YO0i2P3CWsp1vMq5XIBZ2i8N+:cTsSkdi5lCxPQX

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://reluctancedopmxz.shop/api

https://locatedblsoqp.shop/api

Targets

- Target
  
  20240903839ff498cacb88a4ccc11ee96caffc49poetratsnatch
- Size
  
  11.6MB
- MD5
  
  839ff498cacb88a4ccc11ee96caffc49
- SHA1
  
  650170e6b14cc2edf608b42ac8c6de181f18c044
- SHA256
  
  5c6cc911640475b3c36b8def6b7d4453693da4a339f5e22e3e4b0b57026e2485
- SHA512
  
  9aa67859b79ed88c796d054d2b31471a444df565b813e55cb1b0a0959be4540860d2d8d245ef56d92df3a40560af892e33c8ea43cc2e1ea90df0b25070523235
- SSDEEP
  
  98304:/kmuMaM/kXve3NdGaNdNj8YGlaEDUq2OxHTRpe5YO0i2P3CWsp1vMq5XIBZ2i8N+:cTsSkdi5lCxPQX
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer