lumma | 8f37465d74be6e785296584fe6d4e5a8bd9f09c6a9db38c9a377c28ca25da986 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f37465d74be6e785296584fe6d4e5a8bd9f09c6a9db38c9a377c28ca25da986.exe
Size

11.3MB
Sample

241002-mmn1esvgrh
MD5

d3a46bd951e1bb457349dac15c09098e
SHA1

a0ce8454ce4077858ac8b3ce17f410634f0f0493
SHA256

8f37465d74be6e785296584fe6d4e5a8bd9f09c6a9db38c9a377c28ca25da986
SHA512

66686e1fc4eda455c80808da2345a71fdf14022f73e0e0dfb12bd7206a949fb45303bf5b96b6ffd020ca5306e9852cf2291f573713df276a01d8449d93de7138
SSDEEP

98304:EdtD8zVLzK0LZ1IGhos6BYA12PAsFPWFm:LsgsKPvPWFm

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://nurserrsjwuwq.shop/api

Extracted

Family

lumma

C2

https://nurserrsjwuwq.shop/api

https://gravvitywio.store/api

Targets

- Target
  
  8f37465d74be6e785296584fe6d4e5a8bd9f09c6a9db38c9a377c28ca25da986.exe
- Size
  
  11.3MB
- MD5
  
  d3a46bd951e1bb457349dac15c09098e
- SHA1
  
  a0ce8454ce4077858ac8b3ce17f410634f0f0493
- SHA256
  
  8f37465d74be6e785296584fe6d4e5a8bd9f09c6a9db38c9a377c28ca25da986
- SHA512
  
  66686e1fc4eda455c80808da2345a71fdf14022f73e0e0dfb12bd7206a949fb45303bf5b96b6ffd020ca5306e9852cf2291f573713df276a01d8449d93de7138
- SSDEEP
  
  98304:EdtD8zVLzK0LZ1IGhos6BYA12PAsFPWFm:LsgsKPvPWFm
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer