lumma | 8e8be57740fd43058b3e310c77c9ffda477e62f729550030d38a9afe9bdddf12 | Triage

Sharing

General

Target

8e8be57740fd43058b3e310c77c9ffda477e62f729550030d38a9afe9bdddf12N.exe
Size

605KB
Sample

241231-qrnr1avlgq
MD5

2816f592a20b55ac30849a92e6d61c00
SHA1

46eb22835a28b154dbf700416094ce22f8ff65f6
SHA256

8e8be57740fd43058b3e310c77c9ffda477e62f729550030d38a9afe9bdddf12
SHA512

137c0cadf443a2525a710ea394f06312a4993eb1bb29db66f1e0a12778b68b8e370befd30702c7c465bf960d0361d264ec186dd12f2e2407adebc5508658334e
SSDEEP

12288:xvu/lxRkPqQBY0+B/7hmrOA1xO2nuhPxjnp:xvWJx7hmrOA3OLhPxjn

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://spellshagey.biz/api

Targets

- Target
  
  8e8be57740fd43058b3e310c77c9ffda477e62f729550030d38a9afe9bdddf12N.exe
- Size
  
  605KB
- MD5
  
  2816f592a20b55ac30849a92e6d61c00
- SHA1
  
  46eb22835a28b154dbf700416094ce22f8ff65f6
- SHA256
  
  8e8be57740fd43058b3e310c77c9ffda477e62f729550030d38a9afe9bdddf12
- SHA512
  
  137c0cadf443a2525a710ea394f06312a4993eb1bb29db66f1e0a12778b68b8e370befd30702c7c465bf960d0361d264ec186dd12f2e2407adebc5508658334e
- SSDEEP
  
  12288:xvu/lxRkPqQBY0+B/7hmrOA1xO2nuhPxjnp:xvWJx7hmrOA3OLhPxjn
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer