lumma | 68106b46f3a5b2e3e055accd9fecb2c55d818ecda90c4be7d4095b8e8ba610d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68106b46f3a5b2e3e055accd9fecb2c55d818ecda90c4be7d4095b8e8ba610d1.exe
Size

940KB
Sample

240906-brxmksygme
MD5

d0a14727b42ab54cb0ab209e6cf1a6a5
SHA1

0ac032532d4c31af4b5e938cb6a8a387f2f4c0c5
SHA256

68106b46f3a5b2e3e055accd9fecb2c55d818ecda90c4be7d4095b8e8ba610d1
SHA512

c04f39d1c9ef56a8789797ae839d8c8dbd0478130cf7917a13e92cd424ce1fcc262ddbcd06cd0eae0dede02a840d7ee34960d1bfdcb61ed16c329302f822a2ba
SSDEEP

24576:bwXqpw7d1MkClv4H0zSr971nxHdQ0b4jC:odMkClv4HJLVd54jC

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://tenntysjuxmz.shop/api

Targets

- Target
  
  68106b46f3a5b2e3e055accd9fecb2c55d818ecda90c4be7d4095b8e8ba610d1.exe
- Size
  
  940KB
- MD5
  
  d0a14727b42ab54cb0ab209e6cf1a6a5
- SHA1
  
  0ac032532d4c31af4b5e938cb6a8a387f2f4c0c5
- SHA256
  
  68106b46f3a5b2e3e055accd9fecb2c55d818ecda90c4be7d4095b8e8ba610d1
- SHA512
  
  c04f39d1c9ef56a8789797ae839d8c8dbd0478130cf7917a13e92cd424ce1fcc262ddbcd06cd0eae0dede02a840d7ee34960d1bfdcb61ed16c329302f822a2ba
- SSDEEP
  
  24576:bwXqpw7d1MkClv4H0zSr971nxHdQ0b4jC:odMkClv4HJLVd54jC
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer