lumma | 01ecdc8b1cf1181f28dc1a359902c3b0392b0e97e68daba25cbd7ba89328c4dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-06_6f55369633b1ed57fd9445243069a286_poet-rat_snatch
Size

17.9MB
Sample

240906-qryl7sydrp
MD5

6f55369633b1ed57fd9445243069a286
SHA1

45f8f6359a6afe5602d25bd59ecf7018edd6a78a
SHA256

01ecdc8b1cf1181f28dc1a359902c3b0392b0e97e68daba25cbd7ba89328c4dc
SHA512

31b3f47210e743fd74137604e335ebbc8340338420beb18876367c2d8195b6ceae03835f56e11274c7890ff7033e1d3d56b12e0423077980a30245f7b44e46aa
SSDEEP

98304:8LD6p4pwdZPwQPNH0HQygMmpvyMquQG9HZ8v6SZLpHERkgB3UyXzlic8gRbqpewz:Xp4OdxyQ1pvQCZtBszPEa

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://reluctancedopmxz.shop/api

https://condedqpwqm.shop/api

Targets

- Target
  
  2024-09-06_6f55369633b1ed57fd9445243069a286_poet-rat_snatch
- Size
  
  17.9MB
- MD5
  
  6f55369633b1ed57fd9445243069a286
- SHA1
  
  45f8f6359a6afe5602d25bd59ecf7018edd6a78a
- SHA256
  
  01ecdc8b1cf1181f28dc1a359902c3b0392b0e97e68daba25cbd7ba89328c4dc
- SHA512
  
  31b3f47210e743fd74137604e335ebbc8340338420beb18876367c2d8195b6ceae03835f56e11274c7890ff7033e1d3d56b12e0423077980a30245f7b44e46aa
- SSDEEP
  
  98304:8LD6p4pwdZPwQPNH0HQygMmpvyMquQG9HZ8v6SZLpHERkgB3UyXzlic8gRbqpewz:Xp4OdxyQ1pvQCZtBszPEa
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer