lumma | 02ec8860240f90b920bb2692f651d0ec712e511e0bd17a3b1048382fdfdcb4d8 | Triage

Sharing

General

Target

injector V2.4.exe
Size

574KB
Sample

241121-tnhncsshje
MD5

837840f37e344f8e7bc187f88f93c4a8
SHA1

782edf606d07812ec71254cc9cf2260da2e3fd51
SHA256

02ec8860240f90b920bb2692f651d0ec712e511e0bd17a3b1048382fdfdcb4d8
SHA512

025068c49129a0d40235a9c80b6473e86b4d1209fabe953ac425628ad98e3b64106777014b5c20d24324991618d901c662feb69dc76cd7f68f39e415887c8480
SSDEEP

12288:SRgyqSwAN2kLkjnP13tGIGef4cDDKeCxeAn3tCk9Rj71Mlr7v:ig2N2kLkTd3AIGFcDtSVvCr7v

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://fumblingactor.cyou/api

Targets

- Target
  
  injector V2.4.exe
- Size
  
  574KB
- MD5
  
  837840f37e344f8e7bc187f88f93c4a8
- SHA1
  
  782edf606d07812ec71254cc9cf2260da2e3fd51
- SHA256
  
  02ec8860240f90b920bb2692f651d0ec712e511e0bd17a3b1048382fdfdcb4d8
- SHA512
  
  025068c49129a0d40235a9c80b6473e86b4d1209fabe953ac425628ad98e3b64106777014b5c20d24324991618d901c662feb69dc76cd7f68f39e415887c8480
- SSDEEP
  
  12288:SRgyqSwAN2kLkjnP13tGIGef4cDDKeCxeAn3tCk9Rj71Mlr7v:ig2N2kLkTd3AIGFcDtSVvCr7v
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer