lumma | 61a5dd7a407309437d8beaeda0809ece99aebda9391572ad473c95c9d535233f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61a5dd7a407309437d8beaeda0809ece99aebda9391572ad473c95c9d535233f
Size

5.3MB
Sample

240905-max3kayhjf
MD5

ef2984a2da77edb1dd4044125222adaa
SHA1

5e61c5ad1bdde2237cc42aa007dc94aec175e756
SHA256

61a5dd7a407309437d8beaeda0809ece99aebda9391572ad473c95c9d535233f
SHA512

99fbc209d33e39d0488e2399ed2179cd749e59491834522b1bcc228ab070e1289f0dc770e845aeb3faacc1f2ffa8919f3179eb78e776c348672f5b710b3a3593
SSDEEP

98304:LJDmg43FB5Uyo1pBFet1bcIICHO0kxFHHEiOkJkPWY96tybxFcB2wwJnC6QFUNya:NoBCyo1PFe1bcKQokJQWY96taFcB2wMV

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://fisstyconsumerosp.shop/api

Targets

- Target
  
  0e705b7128bf00d5164ac75622beb1fd36c1b1712e8014fc3798f3abd5478936.exe
- Size
  
  16.6MB
- MD5
  
  7d4b9d6e019781cda72695f7140c6dcd
- SHA1
  
  b34000e91071dfe54e311a3c391bc76ede44fbe2
- SHA256
  
  0e705b7128bf00d5164ac75622beb1fd36c1b1712e8014fc3798f3abd5478936
- SHA512
  
  fb1eaa08ca0156d06b4149716c5aea51e5b0e06ee0ada8e42f59520b23bb74e193d3429a55aa4239f6af422b67d46523971dec3ebb2b7ea47d7c7536842fe922
- SSDEEP
  
  98304:6Z5XpB1ZejDkXI2DeRgLAxhhSka0CGEO3yrwTdKkP8IKtF5c2iwvH0vA2IqT:KB1U2EhhRHCKZIp9nmwvH0u
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer