lumma | 99ab2e5ec80500930cdb345dc8e0729c54d428be0834f4eeb2ff33ecf29bc4e3 | Triage

Submit
Reports

Overview

overview

Static

static

3

Neverlose.cc.exe

windows10-2004-x64

Sharing

General

Target

Neverlose.cc (2024).zip
Size

472KB
Sample

241230-lk7t3strcp
MD5

ffaa612dd795c92a0282a2a7fa9317bf
SHA1

2633632f31af6f1794bce6f0788a3a2e6389f04f
SHA256

99ab2e5ec80500930cdb345dc8e0729c54d428be0834f4eeb2ff33ecf29bc4e3
SHA512

667c815820a6ea5fa8b634a9fe81da1d16f846a94d039eb850c54b983c9906a0685d93c878dc6841694eafc751d0d44a16c14da12b7cbc4b25689f0176f881b8
SSDEEP

12288:MUI27ZXx4XyI3bGWXDMLcL38giWyDzoy1OrNKoP:DT4XyIrHMLi3kWI0+sNK2

Score

10^/10

lumma discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Neverlose.cc.exe

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  Neverlose.cc.exe
- Size
  
  54.5MB
- MD5
  
  fd8e94f50646325de0f502b98a9bcc2d
- SHA1
  
  5f26af6c0bc9e573abc0490827468e4165b05b19
- SHA256
  
  c3afdbc9b9ba8c77858d6fb4394721ed65a6f68731306ccb64f8c283cde26503
- SHA512
  
  bb4479107d3fbe0e6afcb981c63e4ec62ee445a829b1b0906a964dba7b703ac2a4d6935009d4b3738b26940c3ee4de70aba987a4548728f5eec1385bf1b2ea9b
- SSDEEP
  
  12288:23sPnKB1HitY7GwKKNLio3vp1wz+psXxilQmqNXey/i:28PnKrittwK+LB3vpSKislQmqNXE
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2025

Terms | Privacy