lumma | a37df528b591a79e246934858daff11f56b6499dece469d759a76d3b40dd337f

General

Target

2024-11-27_d6974821848e6cb409fb7338d289ab40_frostygoop_poet-rat_snatch
Size

10.2MB
Sample

241127-s6292szldy
MD5

d6974821848e6cb409fb7338d289ab40
SHA1

ce9d155596fd589b858541ef193893403b2428be
SHA256

a37df528b591a79e246934858daff11f56b6499dece469d759a76d3b40dd337f
SHA512

2aa2c9f80a347cd5f921e5a2345f551e055dfb825c04b0d0e0f62828e901c0818fe5ee54c6b77cc93b5f7fe45d04f58626dc9cd4770543f7fcbc44b815dbc259
SSDEEP

98304:irX3g6hos+27z147u4ApJKcdXinBzAb1dIBdjAAKyzJ86WcVD:iLw6hJhB2BCGVpD

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://caffegclasiqwp.shop/api

https://stamppreewntnq.shop/api

https://stagedchheiqwo.shop/api

https://millyscroqwp.shop/api

https://evoliutwoqm.shop/api

https://condedqpwqm.shop/api

https://traineiwnqo.shop/api

https://locatedblsoqp.shop/api

https://greetycruthsuo.shop/api

Targets

- Target
  
  2024-11-27_d6974821848e6cb409fb7338d289ab40_frostygoop_poet-rat_snatch
- Size
  
  10.2MB
- MD5
  
  d6974821848e6cb409fb7338d289ab40
- SHA1
  
  ce9d155596fd589b858541ef193893403b2428be
- SHA256
  
  a37df528b591a79e246934858daff11f56b6499dece469d759a76d3b40dd337f
- SHA512
  
  2aa2c9f80a347cd5f921e5a2345f551e055dfb825c04b0d0e0f62828e901c0818fe5ee54c6b77cc93b5f7fe45d04f58626dc9cd4770543f7fcbc44b815dbc259
- SSDEEP
  
  98304:irX3g6hos+27z147u4ApJKcdXinBzAb1dIBdjAAKyzJ86WcVD:iLw6hJhB2BCGVpD
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2