lumma | 08f79ddcfe050f79a5de53fb8a6ba08e299a2938dd4fdcf1ee4b6b181dd0fd9b | Triage

Sharing

General

Target

08f79ddcfe050f79a5de53fb8a6ba08e299a2938dd4fdcf1ee4b6b181dd0fd9b.zip
Size

7.9MB
Sample

240919-g4aw8svclh
MD5

b32a4c9afe4d819837569ae182619f57
SHA1

6e5aaac6d1e209a48b7cdf434719dd0dc6f93fa9
SHA256

08f79ddcfe050f79a5de53fb8a6ba08e299a2938dd4fdcf1ee4b6b181dd0fd9b
SHA512

b47f2e482773da821c59857c269ee69c65d10c106a32799a832fe34ab0bcd7237f33d6610226fdd4d4cf238d6f964a76463a4e4104642a6f077a4b5c2e756bef
SSDEEP

196608:QQpMdzjWjrWq6JvEhVRdUfpSpazVhYP1I3iTUOYYAxCak3:NlAJvEfHUfpSp0rOTLt3

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://understagkedow.shop/api

Targets

- Target
  
  log-analyzer.exe
- Size
  
  22.5MB
- MD5
  
  755a33949df13ef2bbe5b9d97deb3765
- SHA1
  
  4c8682f7161f8d4a2cd66c70a3f9bfae9a957746
- SHA256
  
  845cfcc1672432e89d4f5f7ace57e8f48e5bae9cb1c0bb383c265fc04517ccc0
- SHA512
  
  2c8a0a73381395be04c01329cbbaf1b3331efa01e538e3c23f2a311d81b9f78690e64e8f3ad8d8510f0428de19caebfdfefc0f959d2d0aecef10e28309cf3056
- SSDEEP
  
  196608:HmRN/HYHTeQYt2utpIAU/7QrGCDsfMvveI:HYKQZT+Z
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer