lumma | 5adf420b3d5d59e92c2b5194ee3b5375c1f7aa71f116ce2807230e3ce1b77178

General

Target

script-2.exe
Size

14.3MB
Sample

241118-lbrrhatcka
MD5

cad070c9ba5aa9c233033d34d36a5b1c
SHA1

4bf0cc596391fddddfda3ffff965f93c6426ce31
SHA256

5adf420b3d5d59e92c2b5194ee3b5375c1f7aa71f116ce2807230e3ce1b77178
SHA512

fbe729714c892d80b1f21072a940f38c6dfa8a44380c1883a0ef92c2a1d76477a6a858c2b60acf2d38dd85b91afaa51eb9552587e20c0f24d56abf33a9484018
SSDEEP

393216:d7PdKEr1sBRon11dL01+l+uq+Vvz1+TtIiLf0VlCR63l:dhKc1sI1R01+l+uqgvz1QtIhla8

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://carrtychaintnyw.shop/api

https://quotamkdsdqo.shop/api

https://milldymarskwom.shop/api

https://metallygaricwo.shop/api

https://opponnentduei.shop/api

https://puredoffustow.shop/api

https://achievenmtynwjq.shop/api

https://chickerkuso.shop/api

https://tryyudjasudqo.shop/api

Targets

- Target
  
  script-2.exe
- Size
  
  14.3MB
- MD5
  
  cad070c9ba5aa9c233033d34d36a5b1c
- SHA1
  
  4bf0cc596391fddddfda3ffff965f93c6426ce31
- SHA256
  
  5adf420b3d5d59e92c2b5194ee3b5375c1f7aa71f116ce2807230e3ce1b77178
- SHA512
  
  fbe729714c892d80b1f21072a940f38c6dfa8a44380c1883a0ef92c2a1d76477a6a858c2b60acf2d38dd85b91afaa51eb9552587e20c0f24d56abf33a9484018
- SSDEEP
  
  393216:d7PdKEr1sBRon11dL01+l+uq+Vvz1+TtIiLf0VlCR63l:dhKc1sI1R01+l+uqgvz1QtIhla8
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  script.pyc
- Size
  
  2KB
- MD5
  
  254383ed0eb6a39f5db755bb7ff2843c
- SHA1
  
  d8bcbab68647f0a613eef3b5ccb8740504a9b857
- SHA256
  
  55e6a0d83c2adabff2e996c288304e5f2663cafd4ad4460dcd9af6c167378616
- SHA512
  
  56a30db47e2d4fe1624a6cb8c454ac03b116521166f338757d62b87ba56d7a535cfce0e2c3d79edf6360091fb60aba758c0368c8e5dda8f78fc4ea87fe797c1c
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4