lumma | 7cc7b64b9d8ec98659bc74cf61e627c3f62631e88ad8441f86b8f299b25f4b90

General

Target

517a260cf7c5dc7a305bc281670cec3e
Size

5.6MB
Sample

240914-h6f2pssgmd
MD5

517a260cf7c5dc7a305bc281670cec3e
SHA1

b6cb81244740254e40a4ef289fe7d9e0fe2ab521
SHA256

7cc7b64b9d8ec98659bc74cf61e627c3f62631e88ad8441f86b8f299b25f4b90
SHA512

1bdb15639e453ceef3ae7aea4bb4b1715d8871fc415f9c2d933ce151bf9721ceb28a1f386028de7e289a14ef9d791278d355c0b3948c45b6845e22172be85d46
SSDEEP

49152:GE4AqQJc7bTljcyvLCpGdQ9ocyu2GfzXo3Md1eVr5EbotlAjC5Eu2ms5HRZq2TXW:CBQGh2G4yMjo3Md1eV5EY+KcP

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://entertainingwzw.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

Extracted

Family

lumma

C2

https://entertainingwzw.shop/api

https://bannngwko.shop/api

Targets

- Target
  
  517a260cf7c5dc7a305bc281670cec3e
- Size
  
  5.6MB
- MD5
  
  517a260cf7c5dc7a305bc281670cec3e
- SHA1
  
  b6cb81244740254e40a4ef289fe7d9e0fe2ab521
- SHA256
  
  7cc7b64b9d8ec98659bc74cf61e627c3f62631e88ad8441f86b8f299b25f4b90
- SHA512
  
  1bdb15639e453ceef3ae7aea4bb4b1715d8871fc415f9c2d933ce151bf9721ceb28a1f386028de7e289a14ef9d791278d355c0b3948c45b6845e22172be85d46
- SSDEEP
  
  49152:GE4AqQJc7bTljcyvLCpGdQ9ocyu2GfzXo3Md1eVr5EbotlAjC5Eu2ms5HRZq2TXW:CBQGh2G4yMjo3Md1eV5EY+KcP
Score

10^/10

lumma stealer discovery
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2