lumma | 67e3ec905356507710d59d02aed54cdb7cdf4d3eec10193dde869ade9a7ae89c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ApplicatinSetupFile14.1.exe
Size

348KB
Sample

241002-yyq5psxgpf
MD5

6377c5dc2bdea6c5fe3dd4c68c06ea2f
SHA1

05f9bc3df8d4c2d2058b742fd949cf16bc732d9f
SHA256

67e3ec905356507710d59d02aed54cdb7cdf4d3eec10193dde869ade9a7ae89c
SHA512

4e5533b714bfd6b0f27a3d14af5699d4413bbbd7f8ddcfd864e1c26cce866d078aa26c58fcdab55f6e8ac94f599c4d63f19277e3c9997f7648d14b1a028e12db
SSDEEP

6144:1YlqIGPKAGyDZvL5XsPR052s6rZsLW6oONBXlHPcVrI14v2mkxJv4s3Tn0m4NLU:1SMRTos6reLW6oIBVm12mZs3Tn0m4NLU

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://admissionfaccen.shop/api

Extracted

Family

lumma

C2

https://admissionfaccen.shop/api

Targets

- Target
  
  ApplicatinSetupFile14.1.exe
- Size
  
  348KB
- MD5
  
  6377c5dc2bdea6c5fe3dd4c68c06ea2f
- SHA1
  
  05f9bc3df8d4c2d2058b742fd949cf16bc732d9f
- SHA256
  
  67e3ec905356507710d59d02aed54cdb7cdf4d3eec10193dde869ade9a7ae89c
- SHA512
  
  4e5533b714bfd6b0f27a3d14af5699d4413bbbd7f8ddcfd864e1c26cce866d078aa26c58fcdab55f6e8ac94f599c4d63f19277e3c9997f7648d14b1a028e12db
- SSDEEP
  
  6144:1YlqIGPKAGyDZvL5XsPR052s6rZsLW6oONBXlHPcVrI14v2mkxJv4s3Tn0m4NLU:1SMRTos6reLW6oIBVm12mZs3Tn0m4NLU
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer