lumma | 22afc5b0ffd2b81dffe07ea9e6c9d9cb23626d02df7b8bc828695d6c667eff60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1fada6e24cbe4939f173895ea6ef7279
Size

283KB
Sample

240914-b2yydszgjr
MD5

1fada6e24cbe4939f173895ea6ef7279
SHA1

3a3fa29ea2e6d047d849a1400ea64c8286397df5
SHA256

22afc5b0ffd2b81dffe07ea9e6c9d9cb23626d02df7b8bc828695d6c667eff60
SHA512

4b83b4e60ba83fcf86e8c6e95befb5c3d6fc4ed72c83f3bc6bb831dfcb77fe627caad87f3d431b7ccc3a0e3a597b1c6d4e6c1c1353934a9b0aa89ac11beb443d
SSDEEP

6144:/zyHMZNK+FJj5KXsS0BZ8BkB6V5IjuGA8a1V4pRym5eE6qGsMbEO:bIM3f5KXsjvGGjuKmVyIm4+G1bEO

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://spoortsiso.shop/api

https://interactiedovspm.shop/api

https://charecteristicdxp.shop/api

Targets

- Target
  
  1fada6e24cbe4939f173895ea6ef7279
- Size
  
  283KB
- MD5
  
  1fada6e24cbe4939f173895ea6ef7279
- SHA1
  
  3a3fa29ea2e6d047d849a1400ea64c8286397df5
- SHA256
  
  22afc5b0ffd2b81dffe07ea9e6c9d9cb23626d02df7b8bc828695d6c667eff60
- SHA512
  
  4b83b4e60ba83fcf86e8c6e95befb5c3d6fc4ed72c83f3bc6bb831dfcb77fe627caad87f3d431b7ccc3a0e3a597b1c6d4e6c1c1353934a9b0aa89ac11beb443d
- SSDEEP
  
  6144:/zyHMZNK+FJj5KXsS0BZ8BkB6V5IjuGA8a1V4pRym5eE6qGsMbEO:bIM3f5KXsjvGGjuKmVyIm4+G1bEO
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer