lumma | 240b741f56770eb2e74bf1964594654ae769933a84617efe9853a6c550db9214 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

@Se-tUp_2244_Pa$$W0rdss!!.zip
Size

2.7MB
Sample

240908-ppgp8syckb
MD5

f1b503470f022779864c17dfd210bbea
SHA1

3b82afbe3f1fa341b9c475cf63fc4fb5d8133dd2
SHA256

240b741f56770eb2e74bf1964594654ae769933a84617efe9853a6c550db9214
SHA512

2db2366a143e58ee834d9ba12de7fbfbb5c94e587c17bdd0f394e74efa7c279bbd138a8c2677f0476fb954326dbdb0e30fd1655e446a6e4250875ecdcde248bc
SSDEEP

49152:W4zd+FK5fesdiRciOFEd+c4GtAozshQhQztmhcmqUUDTC4dWf/HGk:poK5fesdUEEUcFrqvmqUUDTLdwHN

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://unawaredfostwp.shop/api

https://millyscroqwp.shop/api

https://stagedchheiqwo.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  1.6MB
- MD5
  
  ec539c4a9c60b3690fbd891e19333362
- SHA1
  
  7cd141b72d9c6701c27f939b790624ebe04668fd
- SHA256
  
  1d60149ce640f4e07bceeb8940950441025277f1eba4f501f8afe558030b34fe
- SHA512
  
  b6a3496e7b6f7aed5dcc7e0bb3fe903d2c231ff5470bbedd37e8bea83b1951dc835f32ac6508dea8b561bfd6354e7741227a42eb49fc0575ce64e12b494c00c1
- SSDEEP
  
  24576:Iz2WcNmHWLyc6+QrRIVkQirZieVPpd27K8mBWSjTUvJ2Npi8TofJ8jH3cT:RNmHyyc63YwQcTjT02NPTofJWXcT
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  datastate.dll
- Size
  
  75KB
- MD5
  
  28f0ccf746f952f94ff434ca989b7814
- SHA1
  
  506e85d2de6377492d90b98aa20663b0ff3ce32a
- SHA256
  
  6010e2147a0f51a7bfa2f942a5a9eaad9a294f463f717963b486ed3f53d305c2
- SHA512
  
  b74ebb9a12079caf7bc074bb977ee94dc6ffcae845c1120026f384953fe2499d4bb0cdb7b6dcb2ff7f37e8135db06048815cc13d1837235eb11fe86e3c4572ee
- SSDEEP
  
  768:BdPmXHrMcRkZrVlqE6BI6TalNPzrrSRTy3IXGX8prYXDRMMUKkVp4VdEhahE:r+XrMzriE6BorrJIXJpCRM7fVp4c
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  sqlite3.dll
- Size
  
  889KB
- MD5
  
  139bc72a6045bd3761a701a2c8838481
- SHA1
  
  0702747c24b0f2637c6b09be7ccb91fda9ed1584
- SHA256
  
  b85a947025c582ca37a9c207a90b2efa8e0cb46557a258838e64451180821499
- SHA512
  
  53a69eda5b122bc31a20bd270ed80ca58fbde8c2fd9331dbe21d7943e5e5acc9b7dac651c42dbc0729e32c3a8eb465508a7b00c26c305724e804409c2709361d
- SSDEEP
  
  24576:X/xNAQB74x0FwTuis6eCwjH+SWAhzf/A/:XE+syis/LjH+S5hs
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6