lumma | c5151ecfe315254b3651d045a02be27de023c70d8d4ee5ace6c92eff57fa3ef5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d91a80a2583d968b1a47c3c0a903b8e0N
Size

581KB
Sample

240907-yks25s1frm
MD5

d91a80a2583d968b1a47c3c0a903b8e0
SHA1

f0d7b332e9bfc601e702025ac1be0a78c86f86fc
SHA256

c5151ecfe315254b3651d045a02be27de023c70d8d4ee5ace6c92eff57fa3ef5
SHA512

8becb383dd67602466002f6debd19b02ef8099d0e4a38fd785cd41bc2fd67f7bc79a1a019f74d72b2631cf56a59f6ed0a15a0808deb9be54baeeb8b4df5e8c1b
SSDEEP

12288:pSxO3+BKwSQ5FlF9KOTUl1CXz/srGI+LDHb+JT2dr:pSg3+BKwSQ5F/wfAMGIbad

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://muggudrowiwm.shop/api

https://condedqpwqm.shop/api

Targets

- Target
  
  d91a80a2583d968b1a47c3c0a903b8e0N
- Size
  
  581KB
- MD5
  
  d91a80a2583d968b1a47c3c0a903b8e0
- SHA1
  
  f0d7b332e9bfc601e702025ac1be0a78c86f86fc
- SHA256
  
  c5151ecfe315254b3651d045a02be27de023c70d8d4ee5ace6c92eff57fa3ef5
- SHA512
  
  8becb383dd67602466002f6debd19b02ef8099d0e4a38fd785cd41bc2fd67f7bc79a1a019f74d72b2631cf56a59f6ed0a15a0808deb9be54baeeb8b4df5e8c1b
- SSDEEP
  
  12288:pSxO3+BKwSQ5FlF9KOTUl1CXz/srGI+LDHb+JT2dr:pSg3+BKwSQ5F/wfAMGIbad
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer