lumma | d7a7f31cbd71272a6978c2452b6b4db95973e92738d1b254e647837a33e7a012

General

Target

0c96d113736e4c176c2ea0f03a4a7009.bin
Size

6.4MB
Sample

240915-bc823axcjn
MD5

0fb0acdcd5627ea379fbf3b0421c69fc
SHA1

a0c178965275351963fbe284820c3a671bcbfbc5
SHA256

d7a7f31cbd71272a6978c2452b6b4db95973e92738d1b254e647837a33e7a012
SHA512

ecb2057c813a24f9e9ecd01655e1e907e1188a5429e3cef568cf13ffa679de5df6028bad37606f8b10c0d786092dcf81085d845e9dd2425e1b1f29f1724e8eb3
SSDEEP

196608:3y8ZDnRCsOQgneVzI4kHNnv5dSytvUD5AMSne:CAdCs/GeV0nHlvnZ25AMSne

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://eggyosmdqnjo.shop/api

https://complainnykso.shop/api

https://basedsymsotp.shop/api

https://charistmatwio.shop/api

https://grassemenwji.shop/api

https://stitchmiscpaew.shop/api

https://commisionipwn.shop/api

Targets

- Target
  
  Set-up.exe
- Size
  
  12.0MB
- MD5
  
  a7118dffeac3772076f1a39a364d608d
- SHA1
  
  6b984d9446f23579e154ec47437b9cf820fd6b67
- SHA256
  
  f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0
- SHA512
  
  f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890
- SSDEEP
  
  98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  tak_deco_lib.dll
- Size
  
  315KB
- MD5
  
  cb9517a9c0147410a7a02d2cfe1c51ed
- SHA1
  
  5a7d26da73da11955551c898ab6e084aa048c443
- SHA256
  
  9d10701eed63382a46b2bc352feb7394759bf02c44a2bc67d7bf4d4d3393fb52
- SHA512
  
  e67c77866a86efbdd3eb2f4ac870fe1bb1387b0012d280ac3dfc76248f4d6b6843ee341346ff56056c7f08fea52b6e66d412126494236e47c355ed50f3331f30
- SSDEEP
  
  3072:FWxbAJvRdg6UwambkfOhOmesG+4ny2lV0+Z74:mYjm2IfmRHAyQVrZ
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4