General
-
Target
https://youtu.be/CCTH_A4wh-E?si=XQeDbeI7IT9EUyay
-
Sample
241126-wbpbgs1raw
Score
10/10
Malware Config
Extracted
Family
lumma
C2
https://powerful-avoids.sbs
https://motion-treesz.sbs
https://disobey-curly.sbs
https://leg-sate-boat.sbs
https://story-tense-faz.sbs
https://blade-govern.sbs
https://occupy-blushi.sbs
https://frogs-severz.sbs
https://property-imper.sbs
Extracted
Family
lumma
C2
https://blade-govern.sbs/api
https://story-tense-faz.sbs/api
https://disobey-curly.sbs/api
https://motion-treesz.sbs/api
https://powerful-avoids.sbs/api
Targets
-
-
Target
https://youtu.be/CCTH_A4wh-E?si=XQeDbeI7IT9EUyay
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Executes dropped EXE
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
Suspicious use of SetThreadContext
-