lumma | 4447425f0a7e2ec8aa7f5bb5c2716b686ad704762ea9bb6f2f6707f1ae4399e8

General

Target

4447425f0a7e2ec8aa7f5bb5c2716b686ad704762ea9bb6f2f6707f1ae4399e8
Size

6.4MB
Sample

240913-xprjfashql
MD5

0c96d113736e4c176c2ea0f03a4a7009
SHA1

1c5b72bdd7a541521ca526b09e6b95871e69c77d
SHA256

4447425f0a7e2ec8aa7f5bb5c2716b686ad704762ea9bb6f2f6707f1ae4399e8
SHA512

adf0d715ff7c908e2373089b7f3da5e94167b5af7a2baf98081f7d1a3796d2ce79b8290cf2ae666e5d55688a2bde4f2460fb2b7ec61e8b754909aa7f32c47919
SSDEEP

196608:0LbwPwMZ53wYTHlWKaVlyd2NHdR3YvHNtqsNZ82+3PeZ:03w4u5g4lulydCHvSNtqYWPeZ

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://eggyosmdqnjo.shop/api

https://complainnykso.shop/api

https://basedsymsotp.shop/api

https://charistmatwio.shop/api

https://grassemenwji.shop/api

https://stitchmiscpaew.shop/api

https://commisionipwn.shop/api

Targets

- Target
  
  Set-up.exe
- Size
  
  12.0MB
- MD5
  
  a7118dffeac3772076f1a39a364d608d
- SHA1
  
  6b984d9446f23579e154ec47437b9cf820fd6b67
- SHA256
  
  f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0
- SHA512
  
  f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890
- SSDEEP
  
  98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  tak_deco_lib.dll
- Size
  
  315KB
- MD5
  
  cb9517a9c0147410a7a02d2cfe1c51ed
- SHA1
  
  5a7d26da73da11955551c898ab6e084aa048c443
- SHA256
  
  9d10701eed63382a46b2bc352feb7394759bf02c44a2bc67d7bf4d4d3393fb52
- SHA512
  
  e67c77866a86efbdd3eb2f4ac870fe1bb1387b0012d280ac3dfc76248f4d6b6843ee341346ff56056c7f08fea52b6e66d412126494236e47c355ed50f3331f30
- SSDEEP
  
  3072:FWxbAJvRdg6UwambkfOhOmesG+4ny2lV0+Z74:mYjm2IfmRHAyQVrZ
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4