lumma | 520940684b1322dfc1dc8032c60967a386640878446aeca00283248da8d7f038 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-08_57fec16c5ec610ca50a696a7f8f0cebf_poet-rat_snatch
Size

26.6MB
Sample

240908-s5m4qswgja
MD5

57fec16c5ec610ca50a696a7f8f0cebf
SHA1

e53255258586b6d2dec40f83d119e640d5af6084
SHA256

520940684b1322dfc1dc8032c60967a386640878446aeca00283248da8d7f038
SHA512

f3f38e3bd9db5d9a099668cfb407b38fb352fa8b43e8b0ce7c0c6a61041347e9161fe89815cb650aa6a2171a5b189bd6919f7fe8d62966dece38abf63e0855e2
SSDEEP

196608:BIAKh/qh2IL0It9wbLEp656l5vtPdFE5uUEjjTmN:uAdLrtmd5s1j7mN

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://riffledopspzio.shop/api

Targets

- Target
  
  2024-09-08_57fec16c5ec610ca50a696a7f8f0cebf_poet-rat_snatch
- Size
  
  26.6MB
- MD5
  
  57fec16c5ec610ca50a696a7f8f0cebf
- SHA1
  
  e53255258586b6d2dec40f83d119e640d5af6084
- SHA256
  
  520940684b1322dfc1dc8032c60967a386640878446aeca00283248da8d7f038
- SHA512
  
  f3f38e3bd9db5d9a099668cfb407b38fb352fa8b43e8b0ce7c0c6a61041347e9161fe89815cb650aa6a2171a5b189bd6919f7fe8d62966dece38abf63e0855e2
- SSDEEP
  
  196608:BIAKh/qh2IL0It9wbLEp656l5vtPdFE5uUEjjTmN:uAdLrtmd5s1j7mN
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer