lumma | 6f31ec554fa2e3d435178c2bfe3243bb88394ea4f52f9de3a327ee55cdbb0f82

General

Target

artifact.bin
Size

519KB
Sample

240914-p6cgvavcjj
MD5

5f39d23655f80c3deb81361f3e207947
SHA1

9a68931ae4fd45b01c97c274c3ff24343fe249b5
SHA256

6f31ec554fa2e3d435178c2bfe3243bb88394ea4f52f9de3a327ee55cdbb0f82
SHA512

48c7f27d0d5947ad46bb11007e32236304d7f3d6837035d32d6e508d3a0e0cc3db1393efcc3276fed21b3ce5f36b0eb3a7f9182890e6e902013570bd87651350
SSDEEP

12288:EA3MS/AUidYY1lGR/DkDvoQzuMhYaVdtCRF0rx9BJrCXEO:EA3p/AQY1lGqvTzugYartsF0DBJrIt

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://elephanntys.shop/api

https://horizonvxjis.shop/api

https://effectivedoxzj.shop/api

https://parntorpkxzlp.shop/api

https://stimultaionsppzv.shop/api

https://grassytaisol.shop/api

https://broccoltisop.shop/api

https://shellfyyousdjz.shop/api

https://bravedreacisopm.shop/api

Extracted

Family

lumma

C2

https://elephanntys.shop/api

https://horizonvxjis.shop/api

Targets

- Target
  
  artifact.bin
- Size
  
  519KB
- MD5
  
  5f39d23655f80c3deb81361f3e207947
- SHA1
  
  9a68931ae4fd45b01c97c274c3ff24343fe249b5
- SHA256
  
  6f31ec554fa2e3d435178c2bfe3243bb88394ea4f52f9de3a327ee55cdbb0f82
- SHA512
  
  48c7f27d0d5947ad46bb11007e32236304d7f3d6837035d32d6e508d3a0e0cc3db1393efcc3276fed21b3ce5f36b0eb3a7f9182890e6e902013570bd87651350
- SSDEEP
  
  12288:EA3MS/AUidYY1lGR/DkDvoQzuMhYaVdtCRF0rx9BJrCXEO:EA3p/AQY1lGqvTzugYartsF0DBJrIt
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2