lumma | 0336d6c3b8629f426c417a0999b65f74e804d11b28412482d72a004a9c6019a1 | Triage

Sharing

General

Target

Solara-Roblox-Executor-v3.exe
Size

795KB
Sample

241231-tt757s1ler
MD5

d2b09b1bda10143724a24534e31d44db
SHA1

6838edf7603b3a2be8195f5029223c808cdde9a4
SHA256

0336d6c3b8629f426c417a0999b65f74e804d11b28412482d72a004a9c6019a1
SHA512

0274d0ac02d12c5a71d1b03e38be8a1ce6c3b2bd4553f96f3225cd68ef25f8097e22ec516b06d72d9cdafc20dbaed4424a52e9b1abb2eec7a9f7ee5a3c86f4d8
SSDEEP

24576:FK1PSMZAM9AlqJkztYouKM9AlqJkztYoub:A1PS4AM9WqJTKM9WqJTb

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Extracted

Family

lumma

C2

https://fancywaxxers.shop/api

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  Solara-Roblox-Executor-v3.exe
- Size
  
  795KB
- MD5
  
  d2b09b1bda10143724a24534e31d44db
- SHA1
  
  6838edf7603b3a2be8195f5029223c808cdde9a4
- SHA256
  
  0336d6c3b8629f426c417a0999b65f74e804d11b28412482d72a004a9c6019a1
- SHA512
  
  0274d0ac02d12c5a71d1b03e38be8a1ce6c3b2bd4553f96f3225cd68ef25f8097e22ec516b06d72d9cdafc20dbaed4424a52e9b1abb2eec7a9f7ee5a3c86f4d8
- SSDEEP
  
  24576:FK1PSMZAM9AlqJkztYouKM9AlqJkztYoub:A1PS4AM9WqJTKM9WqJTb
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer