lumma | 2fad7f1752f7c3f57c038bf09359093471523172c08572117eaba2556e859509

General

Target

2fad7f1752f7c3f57c038bf09359093471523172c08572117eaba2556e859509.exe
Size

12.9MB
Sample

241002-ml4pgs1eql
MD5

3677ebc159e92251f19020e9ab4b62ad
SHA1

561483bb3f3ae9d384d21670f184a7c3fc9cf9c5
SHA256

2fad7f1752f7c3f57c038bf09359093471523172c08572117eaba2556e859509
SHA512

1daa3a77bc77b422678fdb65362d1dde1d8f1cce20b68a25b84c79a11abc7e06e8cebf98a7cb0f957f612b6047c9e76c53e18f458288d633efcb35dcd0a718a6
SSDEEP

98304:IdYu0vXx5GmAxBvSmSSxBREz5A1XVafXFP+JgIX:IdmXx5GmSkm7xByz5wRJgIX

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://reinforcenh.shop/api

https://stogeneratmns.shop/api

https://fragnantbui.shop/api

https://drawzhotdog.shop/api

https://vozmeatillu.shop/api

https://offensivedzvju.shop/api

https://ghostreedmnu.shop/api

https://gutterydhowi.shop/api

https://dividenntykw.shop/api

Extracted

Family

lumma

C2

https://dividenntykw.shop/api

https://gravvitywio.store/api

Targets

- Target
  
  2fad7f1752f7c3f57c038bf09359093471523172c08572117eaba2556e859509.exe
- Size
  
  12.9MB
- MD5
  
  3677ebc159e92251f19020e9ab4b62ad
- SHA1
  
  561483bb3f3ae9d384d21670f184a7c3fc9cf9c5
- SHA256
  
  2fad7f1752f7c3f57c038bf09359093471523172c08572117eaba2556e859509
- SHA512
  
  1daa3a77bc77b422678fdb65362d1dde1d8f1cce20b68a25b84c79a11abc7e06e8cebf98a7cb0f957f612b6047c9e76c53e18f458288d633efcb35dcd0a718a6
- SSDEEP
  
  98304:IdYu0vXx5GmAxBvSmSSxBREz5A1XVafXFP+JgIX:IdmXx5GmSkm7xByz5wRJgIX
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2