lumma | fab599fee768dc9a9c512d80f94b63f8c7d73222a6843da00ea3f73b95319cbb | Triage

Sharing

General

Target

2025-01-01_89963a73d0b80ec75760066916008189_frostygoop_poet-rat_snatch
Size

3.9MB
Sample

250101-mtx7nsvpcp
MD5

89963a73d0b80ec75760066916008189
SHA1

21bc6c62640a055a5272d29a096b4a9c67362721
SHA256

fab599fee768dc9a9c512d80f94b63f8c7d73222a6843da00ea3f73b95319cbb
SHA512

01a8cdd7f900479d08e8aedb4a1c23119b099746a3d5ee2d31f7cc0f6c0be83f8d9ca6fcb071263bc58824ab001a0f18ae820ed08a3f0ec1504dca213a47cecf
SSDEEP

49152:e0JEHWJ65cZrFctPdSHdA8Ui4oFcU/sy4cNREVjb1PCWpmicKPd3:EW80yEwoFCPCWpmicKl

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  2025-01-01_89963a73d0b80ec75760066916008189_frostygoop_poet-rat_snatch
- Size
  
  3.9MB
- MD5
  
  89963a73d0b80ec75760066916008189
- SHA1
  
  21bc6c62640a055a5272d29a096b4a9c67362721
- SHA256
  
  fab599fee768dc9a9c512d80f94b63f8c7d73222a6843da00ea3f73b95319cbb
- SHA512
  
  01a8cdd7f900479d08e8aedb4a1c23119b099746a3d5ee2d31f7cc0f6c0be83f8d9ca6fcb071263bc58824ab001a0f18ae820ed08a3f0ec1504dca213a47cecf
- SSDEEP
  
  49152:e0JEHWJ65cZrFctPdSHdA8Ui4oFcU/sy4cNREVjb1PCWpmicKPd3:EW80yEwoFCPCWpmicKl
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer