lumma | d7832af12e4f1a11257a9e8c81818662c2d9f31699d4bfed2400d6cb543c9842 | Triage

Sharing

General

Target

2024-12-30_9bfa369cf63f3321cd1209024136757d_frostygoop_poet-rat_snatch
Size

3.9MB
Sample

241230-b9h7xatphr
MD5

9bfa369cf63f3321cd1209024136757d
SHA1

99bbac50249e89231f147ffd687513d48db7721c
SHA256

d7832af12e4f1a11257a9e8c81818662c2d9f31699d4bfed2400d6cb543c9842
SHA512

1417b71cef7ab515bcad15cf07868e2b6c4cc9efe8884cf2f165eb22072b45555bed1f2c1751ff00bff9acb51c7264c75754b9ee4b4a5132421c1cd9a77f1d4b
SSDEEP

49152:gY+dBq0Ay69kgodVU9IoFc4vcSy8YIEpGRjqOjvB2gl6rRoacKPTF:GdB6o5BoFmGjv2cKb

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  2024-12-30_9bfa369cf63f3321cd1209024136757d_frostygoop_poet-rat_snatch
- Size
  
  3.9MB
- MD5
  
  9bfa369cf63f3321cd1209024136757d
- SHA1
  
  99bbac50249e89231f147ffd687513d48db7721c
- SHA256
  
  d7832af12e4f1a11257a9e8c81818662c2d9f31699d4bfed2400d6cb543c9842
- SHA512
  
  1417b71cef7ab515bcad15cf07868e2b6c4cc9efe8884cf2f165eb22072b45555bed1f2c1751ff00bff9acb51c7264c75754b9ee4b4a5132421c1cd9a77f1d4b
- SSDEEP
  
  49152:gY+dBq0Ay69kgodVU9IoFc4vcSy8YIEpGRjqOjvB2gl6rRoacKPTF:GdB6o5BoFmGjv2cKb
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer