lumma | 81bf1e74863cb2d9acd7b879df68387e06a73800febde5a37988a95eae0644dd | Triage

Sharing

General

Target

a.zip
Size

10.9MB
Sample

240911-yph3qszdjr
MD5

cf221c8825db6247bd9fe3b5aa03beb7
SHA1

cfe521647825ecfab3c79081125efa2706e410f4
SHA256

81bf1e74863cb2d9acd7b879df68387e06a73800febde5a37988a95eae0644dd
SHA512

e887f1f8ffc038a93936574f734cfb8317abc226b65819443fc1b7753c13f1ede8236c69fa361cbb242e42d09b7ed28be79e700148c1298ba41f2c060afafc00
SSDEEP

196608:xqO+mVMbv/wN0gqdj+ODBk/Mh2dGW9ee77FKR/7hqcz7DH0xjHeTBQVUaz0C0RC6:xqOWrPBdSwBadGW9e07FKp7lzURqZazy

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://preachstrwnwjw.shop/api

https://complainnykso.shop/api

https://basedsymsotp.shop/api

https://charistmatwio.shop/api

https://grassemenwji.shop/api

https://stitchmiscpaew.shop/api

https://commisionipwn.shop/api

Targets

- Target
  
  Exx7€uncher.exe
- Size
  
  751.4MB
- MD5
  
  796d2e1edf05b4997ae75f47c05acede
- SHA1
  
  7a173c7c7690e63c00061e5f782a62e292a0e78f
- SHA256
  
  14d3f9ce551a616674a26ed76efd5b210013a65b8559d9eba71ed8918b99e8fd
- SHA512
  
  bb9a2a5f4bb527fb3a5178e746d8708fc28f0e7db356b9dbb4cb645c98eb218d72abecf2cad044163253782a01f0bd153b16397ae5b9c31815f0c7c63b034263
- SSDEEP
  
  196608:XYmxHaZxkUjXYabfPyyhwp7K+zRzXqNyt9B0nfMa2N/w2MqGvz3m2:a8pt9zBx9BefMaQPqi2
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer