lumma | 7989923d607768681995c3f5486505cf962ddf7391cf50800a6d52e09922cdd5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0SpotifyMusic.exe
Size

16.9MB
Sample

240903-s2adgazgpq
MD5

251726441fbb313a3821d1dacde0a07a
SHA1

c44bcb3e5589471933793aa6cec03956ebfa8aa4
SHA256

7989923d607768681995c3f5486505cf962ddf7391cf50800a6d52e09922cdd5
SHA512

b977d5019b3fcf0468e747b2b4d3fbca07a30f3dca188b0d4559b44e5be2250edb335f9f30105421993d1781fa4136f362b40ea2c3e387210df1bdfeeb58a406
SSDEEP

196608:24oERj3Cwqi6OyV0O/NMNjT/qfN9Fqvrz31aPTbv8PTbb4hnvIBPRPFTN3vEDHir:wROK/N5BmBis

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://reluctancedopmxz.shop/api

https://locatedblsoqp.shop/api

Targets

- Target
  
  0SpotifyMusic.exe
- Size
  
  16.9MB
- MD5
  
  251726441fbb313a3821d1dacde0a07a
- SHA1
  
  c44bcb3e5589471933793aa6cec03956ebfa8aa4
- SHA256
  
  7989923d607768681995c3f5486505cf962ddf7391cf50800a6d52e09922cdd5
- SHA512
  
  b977d5019b3fcf0468e747b2b4d3fbca07a30f3dca188b0d4559b44e5be2250edb335f9f30105421993d1781fa4136f362b40ea2c3e387210df1bdfeeb58a406
- SSDEEP
  
  196608:24oERj3Cwqi6OyV0O/NMNjT/qfN9Fqvrz31aPTbv8PTbb4hnvIBPRPFTN3vEDHir:wROK/N5BmBis
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer

behavioral3

lummadiscoverystealer

behavioral4