lumma | d0fb892c6add59c97662aa83fbc43667b81a592e7af77ccd9504a0031ee92204

General

Target

Loader.exe
Size

457KB
Sample

241128-av26ssxmfv
MD5

6840cc34c2d6f7205a2d3461a4bab86b
SHA1

fa51e20017fd7ef7ce7e903e60df1acd615eee0b
SHA256

d0fb892c6add59c97662aa83fbc43667b81a592e7af77ccd9504a0031ee92204
SHA512

a09a695aa5175e156288a79e4fb35ba62b5e00081052a089347a8b5526dc2f18bc7a2682b2a899eeec721db5e941a8b09d9b08097138be2b86457b52ed08161b
SSDEEP

12288:fDBE7f710fngOy1l8ql6o49wFxhaK6DFciYTiClr7v:fC7WPTai06o49shaK88dr7v

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://fumblingactor.cyou

Targets

- Target
  
  Loader.exe
- Size
  
  457KB
- MD5
  
  6840cc34c2d6f7205a2d3461a4bab86b
- SHA1
  
  fa51e20017fd7ef7ce7e903e60df1acd615eee0b
- SHA256
  
  d0fb892c6add59c97662aa83fbc43667b81a592e7af77ccd9504a0031ee92204
- SHA512
  
  a09a695aa5175e156288a79e4fb35ba62b5e00081052a089347a8b5526dc2f18bc7a2682b2a899eeec721db5e941a8b09d9b08097138be2b86457b52ed08161b
- SSDEEP
  
  12288:fDBE7f710fngOy1l8ql6o49wFxhaK6DFciYTiClr7v:fC7WPTai06o49shaK88dr7v
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2