lumma | e3435f1f8c479eb7b9869f64f68f2833fe825f3d6b58df5dbe7c5cb3f4fc11c4

General

Target

Meta.rar
Size

102.7MB
Sample

241231-t4elms1pfn
MD5

36373d0c6850d03168c868a19d3efca2
SHA1

97eb54d12980d753276c063462561e3bb2cdcb4f
SHA256

e3435f1f8c479eb7b9869f64f68f2833fe825f3d6b58df5dbe7c5cb3f4fc11c4
SHA512

1a27164e66f374044926a09fdd4c77f3b8a65238866fcd028ea28c2d32ac23b0e392ead7e121a5f75620b1b4a5c6899b50078aed8babda905c5c57a83b9cfb18
SSDEEP

3145728:EjkXiJNTAEItBbrRjqDm4sK5+InL10rWJXyxSxd:E4yJhAEItBsuvIL4WJAGd

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  Meta.exe
- Size
  
  801KB
- MD5
  
  11befa4a6fead081c7735678502a652c
- SHA1
  
  cbe77cbb82ef39b9296c63653248e1d61242556f
- SHA256
  
  6b26bc7f5a3375c1bb028f64838937298a74fe462d6f0b68e00b8049971d305b
- SHA512
  
  4622830785a83a50943131e35d438e2b12ad0f37443bc3ae51f97e8b1406be044c31fdefa29dadec08feb796052ac9f5afd53674042af48182242b8c2f9e94ca
- SSDEEP
  
  12288:ou4dP5M4Q2MmbFsgMH+GsGde1vy0xt4K7wa47DFsgMH+GsGde1vy0xt4K7wa47N:t4dPpQPmPMH4KoqqE7nMH4KoqqE7N
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2