lumma | 039b5c33e607f05ce2b84a882b403239dd7211104c0e7db779d41a1cf6868830 | Triage

Sharing

General

Target

fix.zip
Size

494KB
Sample

240929-czb7aayhrh
MD5

39476786d33204f291b3a2c3730bbb43
SHA1

64eb555d52842590fa3813fe21f97447b3c81db8
SHA256

039b5c33e607f05ce2b84a882b403239dd7211104c0e7db779d41a1cf6868830
SHA512

f3cd8de454b5c74a1855481613e5e72225106a92dee0111a3e2a5dcfee3c6df2094b06101cf1e92a9c02160057efd22476f7d2b48f54d73d160f6696aa31e5d2
SSDEEP

12288:++aPl2jDKxvftOW8GYq2UmAvBXiNmFVhP5M/gYZvGg:FaPl2/cvFORqLRYmF3RZYZvGg

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Extracted

Family

lumma

C2

https://possiwreeste.site/api

https://underlinemdsj.site/api

Targets

- Target
  
  fix/ErrorDetails.dll
- Size
  
  554KB
- MD5
  
  27871c1ce8c913a7c6f6aa00115298ec
- SHA1
  
  7bc4c192c3592047366f97f3a2ceb08962be00b6
- SHA256
  
  4f5f4cb7f74ce012b60473f419f284e5fd8e2f8914ff1427e09fea27ee278691
- SHA512
  
  28c3558ece924b2e12bf864aefd3bb50191c6fb1a1df9b8df2b5b31eea7183f954eaa50ca23b26928b305a4cb26735152e92dd0b8fba5dda1ebfa1544b2cf7c3
- SSDEEP
  
  6144:e3eGjegD2ox3G0cDYcgyBZvU9zGoDa09h6Dp9LCFWmx7OeCZ3Uhj3hRnxJm:kjnD7xPTyBQKoDTP6F9Lw9kCjPi
Score

1^/10
behavioral1
- Target
  
  fix/x86_64-w64-ranlib.exe
- Size
  
  706KB
- MD5
  
  3e00b2ac577756508194da0c22034e44
- SHA1
  
  1fa05fd59f9f76eee4802af1c7106adceaa0e455
- SHA256
  
  803ef9e29b6f457ef4c3ef1c946a2dd50def32a4b307afb5a8ea72d05a270086
- SHA512
  
  986da32de1f706cad06e73f0a4386ca3926555b5fa85a19f335f2d16633aeb13b988decc54f0b0a351049ad74fd839323cb75403bbbd5775f157ef5e1c9f91b5
- SSDEEP
  
  6144:N6yVP6bIPM4t4+/2M/6FG6Sv8qLYOeRJdzsW5LDVE+dPHemjrPoeSFzbby:FPMS7FSFGn8qLYpRJdzh9hdPjjrPoT2
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer