lumma | bd2ba38b08859e3cd096a8c243c78cd3463ee5ff6a391e8a2ae410a96375a631 | Triage

Sharing

General

Target

Unpacker.exe
Size

752KB
Sample

241119-ka21eatbjr
MD5

7d39eabebcc2041aa608ca797a6dbbd4
SHA1

1ebf11ee8788aa05068e2fffbe0efd89d39ee23d
SHA256

bd2ba38b08859e3cd096a8c243c78cd3463ee5ff6a391e8a2ae410a96375a631
SHA512

5c2813b3a11719b8f0c6f27d7c22d1b2aed4afddb2e7d4d287beb3e4f3a277bfe0aaa4d0efb54d674fb69beeef788af14aa96c8a1bdcdd24c0962dd3100360ec
SSDEEP

12288:yzVbv9nzyQhG8UVKbhjA2KFh7lCkCyYvIsdWzAfFWhSvOTZppJL:yZbv1yQhUVKbhE2KNaTgsdWQ8SvOTZpP

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://processhol.sbs/api

https://p10tgrace.sbs/api

https://peepburry828.sbs/api

https://3xp3cts1aim.sbs/api

https://p3ar11fter.sbs/api

Targets

- Target
  
  Unpacker.exe
- Size
  
  752KB
- MD5
  
  7d39eabebcc2041aa608ca797a6dbbd4
- SHA1
  
  1ebf11ee8788aa05068e2fffbe0efd89d39ee23d
- SHA256
  
  bd2ba38b08859e3cd096a8c243c78cd3463ee5ff6a391e8a2ae410a96375a631
- SHA512
  
  5c2813b3a11719b8f0c6f27d7c22d1b2aed4afddb2e7d4d287beb3e4f3a277bfe0aaa4d0efb54d674fb69beeef788af14aa96c8a1bdcdd24c0962dd3100360ec
- SSDEEP
  
  12288:yzVbv9nzyQhG8UVKbhjA2KFh7lCkCyYvIsdWzAfFWhSvOTZppJL:yZbv1yQhUVKbhE2KNaTgsdWQ8SvOTZpP
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer