lumma | f03e4cbb8a85d32fc3299fcfda69869b3331b032b19c9e4f892903d9c84e4fa6

General

Target

f03e4cbb8a85d32fc3299fcfda69869b3331b032b19c9e4f892903d9c84e4fa6.exe
Size

10.6MB
Sample

241126-c1244azkdw
MD5

4a66239217d390819d227e60f32f6fce
SHA1

cae5c004330a9e9bd6c3cc39349e45c7eaf7893c
SHA256

f03e4cbb8a85d32fc3299fcfda69869b3331b032b19c9e4f892903d9c84e4fa6
SHA512

ada981d2e874202e432f62e91f232e344da46a47edc7461e1fe5de2ae58253cf8afffa5f2afd06b823cc59cde685e16e6b09842318765cfd2176709c98cd3557
SSDEEP

49152:SEyR/65QQWIaJmDpNwv1XIKABF1O/4JmkwaUsIg9PgLj4wqEpj/BrZFW8NsOL/:U/655cJeId+zrE/VF

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://reinforcenh.shop/api

https://stogeneratmns.shop/api

https://fragnantbui.shop/api

https://drawzhotdog.shop/api

https://vozmeatillu.shop/api

https://offensivedzvju.shop/api

https://ghostreedmnu.shop/api

https://gutterydhowi.shop/api

https://raciimoppero.shop/api

Targets

- Target
  
  f03e4cbb8a85d32fc3299fcfda69869b3331b032b19c9e4f892903d9c84e4fa6.exe
- Size
  
  10.6MB
- MD5
  
  4a66239217d390819d227e60f32f6fce
- SHA1
  
  cae5c004330a9e9bd6c3cc39349e45c7eaf7893c
- SHA256
  
  f03e4cbb8a85d32fc3299fcfda69869b3331b032b19c9e4f892903d9c84e4fa6
- SHA512
  
  ada981d2e874202e432f62e91f232e344da46a47edc7461e1fe5de2ae58253cf8afffa5f2afd06b823cc59cde685e16e6b09842318765cfd2176709c98cd3557
- SSDEEP
  
  49152:SEyR/65QQWIaJmDpNwv1XIKABF1O/4JmkwaUsIg9PgLj4wqEpj/BrZFW8NsOL/:U/655cJeId+zrE/VF
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2