lumma | 20c37f47c0cd8ce15946ac0ce897122a0edefdcb393becaa453b9a40e78c59db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

xLauncher (2024).rar
Size

429KB
Sample

241005-j2cddsvbrj
MD5

d2905022518dbcf63c2ded32d578ed8e
SHA1

52e2f6782d8da5faaf291b9ac408fe198f3670a9
SHA256

20c37f47c0cd8ce15946ac0ce897122a0edefdcb393becaa453b9a40e78c59db
SHA512

4c125093d4f36e833671e9b83a4a3866bd012d3896944be9c94709bbf0d89d223a42c534f290ebb4ffb56bffd7746424fd1c252d239c734b53feebe7d58a0da2
SSDEEP

12288:ERnmK8Dkmgatuc+7XzqT4BP4rGO5dfPP62:ERmK0k8tuc+7Xo4Z4rGOznP62

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Extracted

Family

lumma

C2

https://mobbipenju.store/api

https://eaglepawnoy.store/api

https://dissapoiznw.store/api

https://studennotediw.store/api

https://bathdoomgaz.store/api

https://spirittunek.store/api

Targets

- Target
  
  xLauncher.exe
- Size
  
  516KB
- MD5
  
  29e844b3dfc58f577359c73d5f1da57b
- SHA1
  
  309335aacc6da994fd06d8e1067fe43655cd029a
- SHA256
  
  1333d83820bb8516b13bf0551e27da27cf7a5169d11d241d3cecf0d2df2a8282
- SHA512
  
  64ebe743078852a9a885b0f1d479a550cc863f4028aa1a362af7a5ca482e4166c1c64567127097efd85faf18574d25e87d53283d275b39f0ad17e9fbe9aeaa1d
- SSDEEP
  
  12288:JqIS4Px1AB9ckI/uCqgmRdnP7IGtF8yvqOnzaKWLVP:FTx1Gg/mgmzP7nj8ySGaHF
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer