lumma | a9d23070edfd4d1d5407ffc57b13ad83435085e1dd63aa3e3f63a7568f754c64 | Triage

Sharing

General

Target

20240909e46e99ed8ae70a62bb0c6d1348e136dbpoetratsnatch
Size

20.1MB
Sample

240909-wke46s1gjn
MD5

e46e99ed8ae70a62bb0c6d1348e136db
SHA1

81538134bbe2f15daf75c7406a662e6eef4b266e
SHA256

a9d23070edfd4d1d5407ffc57b13ad83435085e1dd63aa3e3f63a7568f754c64
SHA512

47f40bc221c216c36fb76159a2284cff7f37edb209c19d781f5b5548b6b0f4eb7869f39f4c440c3d9cb132913f91cab7c53ca3715117f4b45c4f6539486087d8
SSDEEP

98304:CuT3fG8103sLV2jxNc7mzsKrzAPBdTSzc4qytQ5x5oCg2yBEPKxtTk6n/fy1bhpv:Lfl1WeKnUqhaxNgBWKfM1oS

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://circullateiosn.shop/api

Targets

- Target
  
  20240909e46e99ed8ae70a62bb0c6d1348e136dbpoetratsnatch
- Size
  
  20.1MB
- MD5
  
  e46e99ed8ae70a62bb0c6d1348e136db
- SHA1
  
  81538134bbe2f15daf75c7406a662e6eef4b266e
- SHA256
  
  a9d23070edfd4d1d5407ffc57b13ad83435085e1dd63aa3e3f63a7568f754c64
- SHA512
  
  47f40bc221c216c36fb76159a2284cff7f37edb209c19d781f5b5548b6b0f4eb7869f39f4c440c3d9cb132913f91cab7c53ca3715117f4b45c4f6539486087d8
- SSDEEP
  
  98304:CuT3fG8103sLV2jxNc7mzsKrzAPBdTSzc4qytQ5x5oCg2yBEPKxtTk6n/fy1bhpv:Lfl1WeKnUqhaxNgBWKfM1oS
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer