lumma | e5accffcd09376e462b99edbbf69fcc363a19d33607671898b17c444e64416a7 | Triage

Sharing

General

Target

collapse.space.zip
Size

47.3MB
Sample

241230-x7pgssvnbm
MD5

ad3405fe25ebd6939dd227424fe4e19e
SHA1

7c052e146d44ce8f0228162b756d1ba4453cd65d
SHA256

e5accffcd09376e462b99edbbf69fcc363a19d33607671898b17c444e64416a7
SHA512

e47b22de9b18fd352b1c951d231f2968c7798937bd5b6ae7a5352df7fc4f3488653dd1e27c8506dca104eab712c9791c842f0fdb3449a40a326d21fadd208872
SSDEEP

786432:Cga49q6IS/Q4oLd2HZVmNrWIVmki1kEMJSHB21MzPp8XcdT0WqNwduz6VXZsCkNg:z5IS/QtLd2HZcZi2ElYgp3TACVXZQ4S+

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  collapse.space.zip
- Size
  
  47.3MB
- MD5
  
  ad3405fe25ebd6939dd227424fe4e19e
- SHA1
  
  7c052e146d44ce8f0228162b756d1ba4453cd65d
- SHA256
  
  e5accffcd09376e462b99edbbf69fcc363a19d33607671898b17c444e64416a7
- SHA512
  
  e47b22de9b18fd352b1c951d231f2968c7798937bd5b6ae7a5352df7fc4f3488653dd1e27c8506dca104eab712c9791c842f0fdb3449a40a326d21fadd208872
- SSDEEP
  
  786432:Cga49q6IS/Q4oLd2HZVmNrWIVmki1kEMJSHB21MzPp8XcdT0WqNwduz6VXZsCkNg:z5IS/QtLd2HZcZi2ElYgp3TACVXZQ4S+
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer