lumma | 152399a304a168afc17a601493b7f718e2dd3abf54ed593d2c81f5f92ef89fd7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

152399a304a168afc17a601493b7f718e2dd3abf54ed593d2c81f5f92ef89fd7.zip
Size

2.7MB
Sample

240904-bf4lra1hrq
MD5

17f4b1636615528fbc728cd490c1062f
SHA1

ef8cdaddad59edd6530caa8d90d879479f24e3a8
SHA256

152399a304a168afc17a601493b7f718e2dd3abf54ed593d2c81f5f92ef89fd7
SHA512

8d28d958f66f56813e239500b30650dd3c38541737c76b7fd7184614bbd67dcbda5722b69930e8dd9f8551d0404dbac6874c6f1bb3936779de142fb3b3f068db
SSDEEP

49152:DsdiRciOFEd+c4GtAozshQhQztmhcmqUUDTC4dWf/HG64zd+FK5fL:DsdUEEUcFrqvmqUUDTLdwHooK5fL

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://unawaredfostwp.shop/api

https://locatedblsoqp.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  1.6MB
- MD5
  
  ec539c4a9c60b3690fbd891e19333362
- SHA1
  
  7cd141b72d9c6701c27f939b790624ebe04668fd
- SHA256
  
  1d60149ce640f4e07bceeb8940950441025277f1eba4f501f8afe558030b34fe
- SHA512
  
  b6a3496e7b6f7aed5dcc7e0bb3fe903d2c231ff5470bbedd37e8bea83b1951dc835f32ac6508dea8b561bfd6354e7741227a42eb49fc0575ce64e12b494c00c1
- SSDEEP
  
  24576:Iz2WcNmHWLyc6+QrRIVkQirZieVPpd27K8mBWSjTUvJ2Npi8TofJ8jH3cT:RNmHyyc63YwQcTjT02NPTofJWXcT
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  datastate.dll
- Size
  
  75KB
- MD5
  
  28f0ccf746f952f94ff434ca989b7814
- SHA1
  
  506e85d2de6377492d90b98aa20663b0ff3ce32a
- SHA256
  
  6010e2147a0f51a7bfa2f942a5a9eaad9a294f463f717963b486ed3f53d305c2
- SHA512
  
  b74ebb9a12079caf7bc074bb977ee94dc6ffcae845c1120026f384953fe2499d4bb0cdb7b6dcb2ff7f37e8135db06048815cc13d1837235eb11fe86e3c4572ee
- SSDEEP
  
  768:BdPmXHrMcRkZrVlqE6BI6TalNPzrrSRTy3IXGX8prYXDRMMUKkVp4VdEhahE:r+XrMzriE6BorrJIXJpCRM7fVp4c
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  sqlite3.dll
- Size
  
  889KB
- MD5
  
  139bc72a6045bd3761a701a2c8838481
- SHA1
  
  0702747c24b0f2637c6b09be7ccb91fda9ed1584
- SHA256
  
  b85a947025c582ca37a9c207a90b2efa8e0cb46557a258838e64451180821499
- SHA512
  
  53a69eda5b122bc31a20bd270ed80ca58fbde8c2fd9331dbe21d7943e5e5acc9b7dac651c42dbc0729e32c3a8eb465508a7b00c26c305724e804409c2709361d
- SSDEEP
  
  24576:X/xNAQB74x0FwTuis6eCwjH+SWAhzf/A/:XE+syis/LjH+S5hs
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6