lumma | 3ed1b57fd5efa3d95f88a8e06e06337253f4427aac41accc2f2fe334ea7fdcc9

General

Target

Set-up.exe
Size

3.6MB
Sample

241230-zgek1sxpdj
MD5

d6ab8da3bd0065c5f9ef7e4c1524c853
SHA1

a7e0f197fcbba885ef9cf61bf0694be269b50ac5
SHA256

3ed1b57fd5efa3d95f88a8e06e06337253f4427aac41accc2f2fe334ea7fdcc9
SHA512

276ee2f259a6fd2860cf3f5a3cba3d0fad7bcc05331b1f0ed7a1640053711d691ad8fe53c43faf4abb0e2824284b20e9b753350dd16170fcb884374ea3aa858f
SSDEEP

49152:ucWc+BmELGlkA0EhnZLLEXSHIv2IVADlZMy6M3amhITeL2Jx6RkIKyI8IDwJcTrh:ucW6KAder8ZzfB

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  Set-up.exe
- Size
  
  3.6MB
- MD5
  
  d6ab8da3bd0065c5f9ef7e4c1524c853
- SHA1
  
  a7e0f197fcbba885ef9cf61bf0694be269b50ac5
- SHA256
  
  3ed1b57fd5efa3d95f88a8e06e06337253f4427aac41accc2f2fe334ea7fdcc9
- SHA512
  
  276ee2f259a6fd2860cf3f5a3cba3d0fad7bcc05331b1f0ed7a1640053711d691ad8fe53c43faf4abb0e2824284b20e9b753350dd16170fcb884374ea3aa858f
- SSDEEP
  
  49152:ucWc+BmELGlkA0EhnZLLEXSHIv2IVADlZMy6M3amhITeL2Jx6RkIKyI8IDwJcTrh:ucW6KAder8ZzfB
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2