lumma | 31010cfdcbf084851f8bca16e6c16803d51ed69aa9ca91a63de4ad2dcb5827fe | Triage

Sharing

General

Target

file
Size

8KB
Sample

241126-se9j2swmfw
MD5

b24e8ce81ecb235932bd058ee9b96845
SHA1

b0edfd7533c97b2cc17ba26e322d95c15ca07756
SHA256

31010cfdcbf084851f8bca16e6c16803d51ed69aa9ca91a63de4ad2dcb5827fe
SHA512

ab819d84daf1205990a88ea82b8fb5dd94f099d2fe9bea8eb6698045a739f165580fd2863659f5c5d0f8f727cf8fb95f6c1abee4359dbe1b49fad074a6deed51
SSDEEP

96:PNybXaotqEb0EZ2W87IuU5N2INgKvclXtbF8Y58Z9HaeK1gF+nTvkUI5SCKlWkq1:PN2x2Be+/Xtv5qX9WIUI5pNeWvik/yqN

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

Extracted

Family

lumma

C2

https://occupy-blushi.sbs/api

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

https://disobey-curly.sbs/api

https://motion-treesz.sbs/api

https://powerful-avoids.sbs/api

Targets

- Target
  
  file
- Size
  
  8KB
- MD5
  
  b24e8ce81ecb235932bd058ee9b96845
- SHA1
  
  b0edfd7533c97b2cc17ba26e322d95c15ca07756
- SHA256
  
  31010cfdcbf084851f8bca16e6c16803d51ed69aa9ca91a63de4ad2dcb5827fe
- SHA512
  
  ab819d84daf1205990a88ea82b8fb5dd94f099d2fe9bea8eb6698045a739f165580fd2863659f5c5d0f8f727cf8fb95f6c1abee4359dbe1b49fad074a6deed51
- SSDEEP
  
  96:PNybXaotqEb0EZ2W87IuU5N2INgKvclXtbF8Y58Z9HaeK1gF+nTvkUI5SCKlWkq1:PN2x2Be+/Xtv5qX9WIUI5pNeWvik/yqN
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer