lumma | 85579e584505caf0cbadd2fe350c72bf5cb569aaf7153e60dd83229259e0da9b | Triage

Sharing

General

Target

Loader2.exe
Size

422KB
Sample

241119-qmkjsaxcnn
MD5

c9ff17fc0b4b79260e0021bf40d1a903
SHA1

89dacc7316cf60148d1e65eae1335bc806c4a49d
SHA256

85579e584505caf0cbadd2fe350c72bf5cb569aaf7153e60dd83229259e0da9b
SHA512

fa184735f39cac65589a6ecd2a308a32de07f40ccab2fbb9d3863af54ad88d46886226bd44d1f3d479a3227a67bb29eb34eed31b289a75d40f056dcf18763ca5
SSDEEP

12288:lutZv0dHkvFYeaCr2h/HuyzwD2eym66+Kkpq9cItrPuY+rU8WtC:luIEt4dB

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://tamedgeesy.sbs

https://relalingj.sbs

https://rottieud.sbs

https://brownieyuz.sbs

https://explainvees.sbs

https://ducksringjk.sbs

https://thinkyyokej.sbs

https://repostebhu.sbs

https://berrylinyj.cyou

Targets

- Target
  
  Loader2.exe
- Size
  
  422KB
- MD5
  
  c9ff17fc0b4b79260e0021bf40d1a903
- SHA1
  
  89dacc7316cf60148d1e65eae1335bc806c4a49d
- SHA256
  
  85579e584505caf0cbadd2fe350c72bf5cb569aaf7153e60dd83229259e0da9b
- SHA512
  
  fa184735f39cac65589a6ecd2a308a32de07f40ccab2fbb9d3863af54ad88d46886226bd44d1f3d479a3227a67bb29eb34eed31b289a75d40f056dcf18763ca5
- SSDEEP
  
  12288:lutZv0dHkvFYeaCr2h/HuyzwD2eym66+Kkpq9cItrPuY+rU8WtC:luIEt4dB
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer