lumma | 3019ad0dd1361cdf24a6286196c69c18a44ec336538d44ccf2fda496c2c959a3

General

Target

modest-menu.exe
Size

2.5MB
Sample

240914-l168gsybjj
MD5

d881547121335440ca6f3d35735d7ad2
SHA1

7f5f337ba5ec73bc03094396d86cd4c328a8c735
SHA256

3019ad0dd1361cdf24a6286196c69c18a44ec336538d44ccf2fda496c2c959a3
SHA512

98e14d9956565bde7bd13b3871d4eeaa774b93dabd6159d0dab8e2cd61a3194c78544e4858ef3219f8e789f72a5d60f328ff784677a7290ee412147d75003dbd
SSDEEP

49152:aBYW2WpEK09Eu0YovdTWZzX2Xfom7SHzuy+TP4z0TCubCaR9NyFfvca3tu4l1gcE:5WXWKCyiZzX2vomTymt2ueaRaMCu4wcE

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://affecthorsedpo.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

Extracted

Family

lumma

C2

https://affecthorsedpo.shop/api

Targets

- Target
  
  modest-menu.exe
- Size
  
  2.5MB
- MD5
  
  d881547121335440ca6f3d35735d7ad2
- SHA1
  
  7f5f337ba5ec73bc03094396d86cd4c328a8c735
- SHA256
  
  3019ad0dd1361cdf24a6286196c69c18a44ec336538d44ccf2fda496c2c959a3
- SHA512
  
  98e14d9956565bde7bd13b3871d4eeaa774b93dabd6159d0dab8e2cd61a3194c78544e4858ef3219f8e789f72a5d60f328ff784677a7290ee412147d75003dbd
- SSDEEP
  
  49152:aBYW2WpEK09Eu0YovdTWZzX2Xfom7SHzuy+TP4z0TCubCaR9NyFfvca3tu4l1gcE:5WXWKCyiZzX2vomTymt2ueaRaMCu4wcE
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2