lumma | f914a25c6b1447ef24396a03c454f3a8ff339e436f542269e5c5c6b7ea778f9f | Triage

Sharing

General

Target

Software V.1.3.rar
Size

53.0MB
Sample

241119-xzjxcazqds
MD5

4e6bf01d516a8438c68740a7e0a38549
SHA1

3cd430f29c3d72c12c51f919a652986ac60883dd
SHA256

f914a25c6b1447ef24396a03c454f3a8ff339e436f542269e5c5c6b7ea778f9f
SHA512

0b1834dd706358fdaadde72fa18061c0bd1a619718561c1f40051253bc06de0c743cd70734a55d7cf327d9ba60b466a7f348d1a645dc1aafffe421446477c557
SSDEEP

786432:RgFiAEN1XwTCBBGMf8Q7DK7t6PDn8ogp1AjXktzXKI7U1fEaBkwBwe:RgF0NVwTCBhf8IK7M8ogDA7ktUhEadwe

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://conceptionnyi.sbs

https://platformcati.sbs

https://nervepianoyo.sbs

https://qualifielgalt.sbs

https://smashygally.sbs

https://fightyglobo.sbs

https://modellydivi.sbs

https://pioneeruyj.sbs

https://underlinefiue.sbs

Extracted

Family

lumma

C2

https://platformcati.sbs/api

Targets

- Target
  
  Software V.1.3.rar
- Size
  
  53.0MB
- MD5
  
  4e6bf01d516a8438c68740a7e0a38549
- SHA1
  
  3cd430f29c3d72c12c51f919a652986ac60883dd
- SHA256
  
  f914a25c6b1447ef24396a03c454f3a8ff339e436f542269e5c5c6b7ea778f9f
- SHA512
  
  0b1834dd706358fdaadde72fa18061c0bd1a619718561c1f40051253bc06de0c743cd70734a55d7cf327d9ba60b466a7f348d1a645dc1aafffe421446477c557
- SSDEEP
  
  786432:RgFiAEN1XwTCBBGMf8Q7DK7t6PDn8ogp1AjXktzXKI7U1fEaBkwBwe:RgF0NVwTCBhf8IK7M8ogDA7ktUhEadwe
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer