lumma | 7d495821954e810cda305ccde3d3fca0fbdbd3abd437694117697a030127a9e2 | Triage

Sharing

General

Target

2024-09-05_51c6c420574c25778032fb816840b8a1_poet-rat_snatch
Size

15.3MB
Sample

240905-pnfrjs1bjm
MD5

51c6c420574c25778032fb816840b8a1
SHA1

6b56a087f90567939e2cbc2ce916b4e8f3ae043d
SHA256

7d495821954e810cda305ccde3d3fca0fbdbd3abd437694117697a030127a9e2
SHA512

448e8448c05ab7310adf1d2350462a7f4b972867e6269c44905d603bf94821c52d98115aabb59833f806e3e65b89e891f8d4d3ad4f233dd3f9383f9718014e28
SSDEEP

98304:mHB1kh/JftvWYf78X1Mlpo9SJzrbSUT/Pfm+KXRDV8HrASqyRxDgv:ckVVel4u+ARZ8XD2

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://provisionfusni.shop/api

https://condedqpwqm.shop/api

Targets

- Target
  
  2024-09-05_51c6c420574c25778032fb816840b8a1_poet-rat_snatch
- Size
  
  15.3MB
- MD5
  
  51c6c420574c25778032fb816840b8a1
- SHA1
  
  6b56a087f90567939e2cbc2ce916b4e8f3ae043d
- SHA256
  
  7d495821954e810cda305ccde3d3fca0fbdbd3abd437694117697a030127a9e2
- SHA512
  
  448e8448c05ab7310adf1d2350462a7f4b972867e6269c44905d603bf94821c52d98115aabb59833f806e3e65b89e891f8d4d3ad4f233dd3f9383f9718014e28
- SSDEEP
  
  98304:mHB1kh/JftvWYf78X1Mlpo9SJzrbSUT/Pfm+KXRDV8HrASqyRxDgv:ckVVel4u+ARZ8XD2
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer