lumma | 9051cc47931f94d44a1173821c4bf7e7fc574a0f0ed83c223fa8998b16551d0a | Triage

Sharing

General

Target

20240918e9578b81b384a31c3bc3db3e8069300fpoetratsnatch
Size

19.2MB
Sample

240919-hy6bmawhqr
MD5

e9578b81b384a31c3bc3db3e8069300f
SHA1

0790d0e09f4e49c4a6ae4078483d75e2c1267804
SHA256

9051cc47931f94d44a1173821c4bf7e7fc574a0f0ed83c223fa8998b16551d0a
SHA512

9dffd695fe326b41e3efb75dbb27a43d3416e46a3adf450f4202409803afc63fb81623b5f2b908c254bebeedd9f0ae9a2006f070fa2daecf14f478bf7cb9ae25
SSDEEP

98304:+kPZueR9MrbC+0P9VjANdZlKdtwHqgxsV8mnCxCg1ibt/iIii/ToFWraiQkYOa09:buWW2c2eqgqV8QCx+bvrEPSpG

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://taillymodwp.shop/api

Targets

- Target
  
  20240918e9578b81b384a31c3bc3db3e8069300fpoetratsnatch
- Size
  
  19.2MB
- MD5
  
  e9578b81b384a31c3bc3db3e8069300f
- SHA1
  
  0790d0e09f4e49c4a6ae4078483d75e2c1267804
- SHA256
  
  9051cc47931f94d44a1173821c4bf7e7fc574a0f0ed83c223fa8998b16551d0a
- SHA512
  
  9dffd695fe326b41e3efb75dbb27a43d3416e46a3adf450f4202409803afc63fb81623b5f2b908c254bebeedd9f0ae9a2006f070fa2daecf14f478bf7cb9ae25
- SSDEEP
  
  98304:+kPZueR9MrbC+0P9VjANdZlKdtwHqgxsV8mnCxCg1ibt/iIii/ToFWraiQkYOa09:buWW2c2eqgqV8QCx+bvrEPSpG
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer