lumma | 73da1775f7d198a340caeab0aaea897a0b7d1f23ceab778f96a906a717fe9da8

General

Target

z.zip
Size

10.3MB
Sample

241012-rfvxlsthre
MD5

b59f6e3660f06ceee8271fd9725fa9e8
SHA1

65c4cf44e4fa9d327181ca3826e866a40624474e
SHA256

73da1775f7d198a340caeab0aaea897a0b7d1f23ceab778f96a906a717fe9da8
SHA512

e85ce03ab2c472c53ae30ea99076bf393739d5456c2afa8e1c720911fbf2d16a7817736226517482e64279badb5f56fcf65257db42c547471d202721dc401a6c
SSDEEP

196608:0qIiMNDpjpxeNGXNkUVCLa0ylgIA8RdqAcqd2TcG27efgArRtT:jINNDlpUNG9rGQjRdpcqd2T327aDb

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://drawwyobstacw.sbs

https://condifendteu.sbs

https://ehticsprocw.sbs

https://vennurviot.sbs

https://resinedyw.sbs

https://enlargkiw.sbs

https://allocatinow.sbs

https://mathcucom.sbs

https://proclaimykn.buzz

Targets

- Target
  
  [email protected]
- Size
  
  781.6MB
- MD5
  
  30bc106a7a64edbbecabc7ec25a7eeb0
- SHA1
  
  7d5cdae23d30593cd395d5d83cc234fb128fd7c8
- SHA256
  
  380900fee200269329d9c0ea97f9ce596a6e3c38d18e74ee2c03b02baae747a8
- SHA512
  
  b46c9e29691f7f5e107c56168a1408f1d97da27a18e858026ab89a69f42bebbcfe8e2c433f69feb8a6b5ceb7ed3321c831168fedc1c55beb5a62ab0edbf4c395
- SSDEEP
  
  196608:JUHy0s8us92Lqh/nsXy2BLojRKpYLZC+tVo559fwwrkVtKW2t3D1RSW:x8u02iz2horLZCwa5ZwwrUT2FD1RSW
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2