lumma | d6016eee33df0ed29db242fdba111443967d9e85000ead5d3c2ea5733c27af93

General

Target

c152b29d6239b1d7c727a5dd849b2014.virus
Size

463KB
Sample

240914-m8xjpazhnm
MD5

c152b29d6239b1d7c727a5dd849b2014
SHA1

36fea188005d8cebdc87098bf5d3072cc31928d0
SHA256

d6016eee33df0ed29db242fdba111443967d9e85000ead5d3c2ea5733c27af93
SHA512

f73e00d774ee327d4e0f813ddb31c8a7936359235641ecbf8acccb5c007e60445cfdda3cbf1a17ab33828072f1a30f631b193c970719e7db4ddc1879fd6c3cd5
SSDEEP

6144:s9PAVCrG2hClB9iVfMnXruuhcUK26RxtX9SYHscuVkx:s3GOClSf0KPN9scz

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://wisemassiveharmonious.shop/api

https://colorfulequalugliess.shop/api

https://relevantvoicelesskw.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

- Target
  
  c152b29d6239b1d7c727a5dd849b2014.virus
- Size
  
  463KB
- MD5
  
  c152b29d6239b1d7c727a5dd849b2014
- SHA1
  
  36fea188005d8cebdc87098bf5d3072cc31928d0
- SHA256
  
  d6016eee33df0ed29db242fdba111443967d9e85000ead5d3c2ea5733c27af93
- SHA512
  
  f73e00d774ee327d4e0f813ddb31c8a7936359235641ecbf8acccb5c007e60445cfdda3cbf1a17ab33828072f1a30f631b193c970719e7db4ddc1879fd6c3cd5
- SSDEEP
  
  6144:s9PAVCrG2hClB9iVfMnXruuhcUK26RxtX9SYHscuVkx:s3GOClSf0KPN9scz
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2