lumma | d740964083499743a5c0431effbd417dcb7bb9cb7c45b7b30cbd4013774f0e63

General

Target

2024-12-31_ac184f1d1bb5b5578315a67f810db20f_frostygoop_snatch
Size

3.6MB
Sample

241231-d11rpsvpdw
MD5

ac184f1d1bb5b5578315a67f810db20f
SHA1

bed97a34ed3090206d461fc9fbc24e05fb30c2c7
SHA256

d740964083499743a5c0431effbd417dcb7bb9cb7c45b7b30cbd4013774f0e63
SHA512

71749a7b90c37d74cf843756f8fda68eb56fac413e3548e0b15980c4bc8ea0e9f483715ce38bf2451480cbdc5553c9f2ebaf42077a42c85d14d04125a64e3b2f
SSDEEP

49152:oYfx+ufWVr/3XT1ZrWaQPF7IfxzceN+bzB+RXVzsuXZxiE6/E1nF18Gb:oYfN03DjrQbzBO

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  2024-12-31_ac184f1d1bb5b5578315a67f810db20f_frostygoop_snatch
- Size
  
  3.6MB
- MD5
  
  ac184f1d1bb5b5578315a67f810db20f
- SHA1
  
  bed97a34ed3090206d461fc9fbc24e05fb30c2c7
- SHA256
  
  d740964083499743a5c0431effbd417dcb7bb9cb7c45b7b30cbd4013774f0e63
- SHA512
  
  71749a7b90c37d74cf843756f8fda68eb56fac413e3548e0b15980c4bc8ea0e9f483715ce38bf2451480cbdc5553c9f2ebaf42077a42c85d14d04125a64e3b2f
- SSDEEP
  
  49152:oYfx+ufWVr/3XT1ZrWaQPF7IfxzceN+bzB+RXVzsuXZxiE6/E1nF18Gb:oYfN03DjrQbzBO
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2