lumma | 757204427d5f4006740424f8e1e96bc75ab4091ca3b77b8301e097752e221fee | Triage

Sharing

General

Target

ExLaµncher.exe
Size

17.5MB
Sample

241119-xzzb2a1fkj
MD5

ef2c912ce872123b912857794b300c72
SHA1

37e522a509b113b74022702fe51182d420184f7e
SHA256

757204427d5f4006740424f8e1e96bc75ab4091ca3b77b8301e097752e221fee
SHA512

0111a84c244da78f5a6ab78ee568f8348504725216ea69e9daf78aa55ea29845d8b21180169e543284631fb585a02eb21b56d068db80e6787155bc9decb8f65e
SSDEEP

393216:qP97HkONxopNQwQR1szWjpE2y7PMo+LXY8M:oqNQwKszWd1y7koV8M

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://windpull.cyou/api

Targets

- Target
  
  ExLaµncher.exe
- Size
  
  17.5MB
- MD5
  
  ef2c912ce872123b912857794b300c72
- SHA1
  
  37e522a509b113b74022702fe51182d420184f7e
- SHA256
  
  757204427d5f4006740424f8e1e96bc75ab4091ca3b77b8301e097752e221fee
- SHA512
  
  0111a84c244da78f5a6ab78ee568f8348504725216ea69e9daf78aa55ea29845d8b21180169e543284631fb585a02eb21b56d068db80e6787155bc9decb8f65e
- SSDEEP
  
  393216:qP97HkONxopNQwQR1szWjpE2y7PMo+LXY8M:oqNQwKszWd1y7koV8M
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2