lumma | cf266152ca5293aee22d1e6175811f8c909f9a8e283161a6fd130d4186c800f3 | Triage

Sharing

General

Target

cf266152ca5293aee22d1e6175811f8c909f9a8e283161a6fd130d4186c800f3.exe
Size

21.4MB
Sample

240914-kpm5ssvhjl
MD5

49ec80bf172ef2012a08499781c31310
SHA1

f2822f1e17e69c8d3aafa33cebd8125e94e0c311
SHA256

cf266152ca5293aee22d1e6175811f8c909f9a8e283161a6fd130d4186c800f3
SHA512

d2cbbc02ac51cc2baa19b3daee30336e76ddc2340d00e478be8e109bf6eaa92a31babdac38fd2e44f7d45dc4e3c4dcd98da77388ebb10d7617a652bd135d7175
SSDEEP

98304:118QEsEAjX/ZgRhoxKTx5q0bTZ4W9x8Q3CmZQk7LPSeORlzoTJTGefnoGC9DwM52:vEzArlo8iuWDi5m6efZMzSj/82

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://femininedspzmhu.shop/api

Targets

- Target
  
  cf266152ca5293aee22d1e6175811f8c909f9a8e283161a6fd130d4186c800f3.exe
- Size
  
  21.4MB
- MD5
  
  49ec80bf172ef2012a08499781c31310
- SHA1
  
  f2822f1e17e69c8d3aafa33cebd8125e94e0c311
- SHA256
  
  cf266152ca5293aee22d1e6175811f8c909f9a8e283161a6fd130d4186c800f3
- SHA512
  
  d2cbbc02ac51cc2baa19b3daee30336e76ddc2340d00e478be8e109bf6eaa92a31babdac38fd2e44f7d45dc4e3c4dcd98da77388ebb10d7617a652bd135d7175
- SSDEEP
  
  98304:118QEsEAjX/ZgRhoxKTx5q0bTZ4W9x8Q3CmZQk7LPSeORlzoTJTGefnoGC9DwM52:vEzArlo8iuWDi5m6efZMzSj/82
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer