lumma | 4004e71490385a537eec315b50a93dd52119098e73649d71f3d1398ea84f5af8

General

Target

4004e71490385a537eec315b50a93dd52119098e73649d71f3d1398ea84f5af8.exe
Size

446KB
Sample

241127-e49z8axkfv
MD5

67021f186228bac715db0dff975142bd
SHA1

8b52fa5fc51c6e98b8407a91bd2c4103a7b058bd
SHA256

4004e71490385a537eec315b50a93dd52119098e73649d71f3d1398ea84f5af8
SHA512

05e2424c9b3f8c93fbce28faa3b1d70c6b6a5a3865485fec9fcc2bf59316756ca3fca79ed56839010c4b251e4433ce109af6a9bcaedc8fdf4a180af79ccf9eb7
SSDEEP

12288:1Xvc3IJ0OgEITM0AU037+UBiNJ9oKZEbrOM89BavY0LnlzvGjjGDwpEhk5uUjWR8:RvT0IITM0AU037+UBiNJ9oKZEbrOM89v

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

Extracted

Family

lumma

C2

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

Targets

- Target
  
  4004e71490385a537eec315b50a93dd52119098e73649d71f3d1398ea84f5af8.exe
- Size
  
  446KB
- MD5
  
  67021f186228bac715db0dff975142bd
- SHA1
  
  8b52fa5fc51c6e98b8407a91bd2c4103a7b058bd
- SHA256
  
  4004e71490385a537eec315b50a93dd52119098e73649d71f3d1398ea84f5af8
- SHA512
  
  05e2424c9b3f8c93fbce28faa3b1d70c6b6a5a3865485fec9fcc2bf59316756ca3fca79ed56839010c4b251e4433ce109af6a9bcaedc8fdf4a180af79ccf9eb7
- SSDEEP
  
  12288:1Xvc3IJ0OgEITM0AU037+UBiNJ9oKZEbrOM89BavY0LnlzvGjjGDwpEhk5uUjWR8:RvT0IITM0AU037+UBiNJ9oKZEbrOM89v
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2