lumma | 868ffbdbd26c5e4a46bb167dc9d82ef288592926608508f2ac85cb8b9707b114 | Triage

Sharing

General

Target

20240929e4ead981bdc76c569783367decbe2baapoetratsnatch
Size

12.5MB
Sample

240929-1bs2ws1fmp
MD5

e4ead981bdc76c569783367decbe2baa
SHA1

c9edeebaac2b5672c53795dfb3a745cf447a7464
SHA256

868ffbdbd26c5e4a46bb167dc9d82ef288592926608508f2ac85cb8b9707b114
SHA512

7b98f84598f9842d11a747994ca8306e6db9753e2685450da8e4003fdb1df13ed3170397784cb24af88a29d8a77ed020d893538cf504e727cd15b56c7130ef18
SSDEEP

98304:x5T34bagVJ9hv8LLsimW183uxr6LsHw99rG:N+FBW+exr6wAK

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Extracted

Family

lumma

C2

https://possiwreeste.site/api

https://underlinemdsj.site/api

https://chaptermusu.store/api

Targets

- Target
  
  20240929e4ead981bdc76c569783367decbe2baapoetratsnatch
- Size
  
  12.5MB
- MD5
  
  e4ead981bdc76c569783367decbe2baa
- SHA1
  
  c9edeebaac2b5672c53795dfb3a745cf447a7464
- SHA256
  
  868ffbdbd26c5e4a46bb167dc9d82ef288592926608508f2ac85cb8b9707b114
- SHA512
  
  7b98f84598f9842d11a747994ca8306e6db9753e2685450da8e4003fdb1df13ed3170397784cb24af88a29d8a77ed020d893538cf504e727cd15b56c7130ef18
- SSDEEP
  
  98304:x5T34bagVJ9hv8LLsimW183uxr6LsHw99rG:N+FBW+exr6wAK
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer