lumma | cb221fe7b83330e458852d3c38deb491f46b4bca387a128b2a2b1bee245be5b5

General

Target

cb221fe7b83330e458852d3c38deb491f46b4bca387a128b2a2b1bee245be5b5N.exe
Size

459KB
Sample

241127-xlbntasjgn
MD5

fa0cbd85bcc4176dda03de265347d640
SHA1

6b039c960a7ffac0d83c49367335c0fb77204c57
SHA256

cb221fe7b83330e458852d3c38deb491f46b4bca387a128b2a2b1bee245be5b5
SHA512

4c177516ab35ebbab71e66f4583af30e1fc0545e48804afdda53a062e2d4be28a5128dc6ab966f56cd742f0bd09a8119da01dc58010f2e30e6ccb59acff3922f
SSDEEP

12288:WxSZOzTe3q72Qk2phZS/AzVNocCBT8+H39YktxVLwU1GLX52:EEOua72Qk2phc/A5NLCBT8q39YMESAJ

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://p3ar11fter.sbs

https://3xp3cts1aim.sbs

https://owner-vacat10n.sbs

https://peepburry828.sbs

https://p10tgrace.sbs

https://befall-sm0ker.sbs

https://librari-night.sbs

https://processhol.sbs

Targets

- Target
  
  cb221fe7b83330e458852d3c38deb491f46b4bca387a128b2a2b1bee245be5b5N.exe
- Size
  
  459KB
- MD5
  
  fa0cbd85bcc4176dda03de265347d640
- SHA1
  
  6b039c960a7ffac0d83c49367335c0fb77204c57
- SHA256
  
  cb221fe7b83330e458852d3c38deb491f46b4bca387a128b2a2b1bee245be5b5
- SHA512
  
  4c177516ab35ebbab71e66f4583af30e1fc0545e48804afdda53a062e2d4be28a5128dc6ab966f56cd742f0bd09a8119da01dc58010f2e30e6ccb59acff3922f
- SSDEEP
  
  12288:WxSZOzTe3q72Qk2phZS/AzVNocCBT8+H39YktxVLwU1GLX52:EEOua72Qk2phc/A5NLCBT8q39YMESAJ
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2