Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

Resubmissions

26-11-2024 16:07

241126-tk1d1aykcz 10

26-11-2024 16:03

241126-thn8ysvkgn 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1227351994591613008/1310999393071267881/Loader.exe?ex=674742d4&is=6745f154&hm=fafc592571dfb0f7c8bc9e4edd774508cfe4b8318efc2ebb60b0428e9ff01989&

  • Sample

    241126-tk1d1aykcz

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://fumblingactor.cyou

Extracted

Family

lumma

C2

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

https://disobey-curly.sbs/api

https://motion-treesz.sbs/api

https://powerful-avoids.sbs/api

Targets

    • Target

      https://cdn.discordapp.com/attachments/1227351994591613008/1310999393071267881/Loader.exe?ex=674742d4&is=6745f154&hm=fafc592571dfb0f7c8bc9e4edd774508cfe4b8318efc2ebb60b0428e9ff01989&

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks