lumma | 058c2706f0d49a7fd7c49638c73f57a0948b965a3b1cb17f5e0f432fcafcec95 | Triage

Sharing

General

Target

CheatInjector.exe
Size

1.0MB
Sample

241119-wwq1tavjcl
MD5

997e2c668f629588a84eaadfdc6f985f
SHA1

bd02c27b6019752d3b462df3111c147c039ffaf3
SHA256

058c2706f0d49a7fd7c49638c73f57a0948b965a3b1cb17f5e0f432fcafcec95
SHA512

6b0eb1b32c75eb67c5e6b884e7ffdfb51b2626e79235394e879d2e60ad347275250a9d2c205912deafa982c63dcbfd37a92a8028a24130632ef6e8c6611d1677
SSDEEP

24576:Rl7x9P6faKSfQiRUIM8ki6dhlZjyRUIM8ki6dhlZj+:RJ7P6CKSfQEAl+Alg

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://processhol.sbs/api

https://p10tgrace.sbs/api

https://peepburry828.sbs/api

https://3xp3cts1aim.sbs/api

https://p3ar11fter.sbs/api

Targets

- Target
  
  CheatInjector.exe
- Size
  
  1.0MB
- MD5
  
  997e2c668f629588a84eaadfdc6f985f
- SHA1
  
  bd02c27b6019752d3b462df3111c147c039ffaf3
- SHA256
  
  058c2706f0d49a7fd7c49638c73f57a0948b965a3b1cb17f5e0f432fcafcec95
- SHA512
  
  6b0eb1b32c75eb67c5e6b884e7ffdfb51b2626e79235394e879d2e60ad347275250a9d2c205912deafa982c63dcbfd37a92a8028a24130632ef6e8c6611d1677
- SSDEEP
  
  24576:Rl7x9P6faKSfQiRUIM8ki6dhlZjyRUIM8ki6dhlZj+:RJ7P6CKSfQEAl+Alg
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer