lumma | abba84c99fd5cb566faff24d53b9ba280b990c9dbccb4c45dea1bef001c73794 | Triage

Sharing

General

Target

app1.exe
Size

19.3MB
Sample

240914-fn1bhsybmh
MD5

452b8d4200fe0997d80f0da262191a6e
SHA1

116ea013e7c9ed2d0160b34b583708ecfbafca50
SHA256

abba84c99fd5cb566faff24d53b9ba280b990c9dbccb4c45dea1bef001c73794
SHA512

5a5150d7fd631bbb78f56c0d1931bdaaf5413e94672896c7912c1fd5dbd979b640d338ff64982dc1f33f1713ad4726629db95c1c2dede5b54afb385707f7d1b0
SSDEEP

98304:KIKBsyqB+UW9jKh34wqiJI5LlBJ2hDjNg0hq2EmCP24ugp3sH92VlDptuRqGAGpu:qB5vjKh34w/I5LPJ0NkmCPVda9UuRq

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://paperryszjxuo.shop/api

Targets

- Target
  
  app1.exe
- Size
  
  19.3MB
- MD5
  
  452b8d4200fe0997d80f0da262191a6e
- SHA1
  
  116ea013e7c9ed2d0160b34b583708ecfbafca50
- SHA256
  
  abba84c99fd5cb566faff24d53b9ba280b990c9dbccb4c45dea1bef001c73794
- SHA512
  
  5a5150d7fd631bbb78f56c0d1931bdaaf5413e94672896c7912c1fd5dbd979b640d338ff64982dc1f33f1713ad4726629db95c1c2dede5b54afb385707f7d1b0
- SSDEEP
  
  98304:KIKBsyqB+UW9jKh34wqiJI5LlBJ2hDjNg0hq2EmCP24ugp3sH92VlDptuRqGAGpu:qB5vjKh34w/I5LPJ0NkmCPVda9UuRq
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer