lumma | 8a87253779f1276af69762ef3e873cc20c0fec4886a1d998558216e1f862f38b | Triage

Sharing

General

Target

2025-01-01_ff9814cb92546094882b0724f817096b_cobalt-strike_ryuk
Size

12.1MB
Sample

250101-xy9rdasjcq
MD5

ff9814cb92546094882b0724f817096b
SHA1

8f98a68b1239afb9c18b62cc6a4311ad702f4693
SHA256

8a87253779f1276af69762ef3e873cc20c0fec4886a1d998558216e1f862f38b
SHA512

977f9cc335d2b432287b406c736cf43eced2e711d238c566685788a5cdcc02241343958f7e56479ac8d5d636818595c710c9aef0f0a2a52bb247c073cbe7e2b0
SSDEEP

196608:87TUNADQmNVfv9z2EIKTq/VWshffTz5Z6hSCQ1oBsHXNbDusKqm:8ENADQsx9CVJkshfL18SA+XNHu

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  2025-01-01_ff9814cb92546094882b0724f817096b_cobalt-strike_ryuk
- Size
  
  12.1MB
- MD5
  
  ff9814cb92546094882b0724f817096b
- SHA1
  
  8f98a68b1239afb9c18b62cc6a4311ad702f4693
- SHA256
  
  8a87253779f1276af69762ef3e873cc20c0fec4886a1d998558216e1f862f38b
- SHA512
  
  977f9cc335d2b432287b406c736cf43eced2e711d238c566685788a5cdcc02241343958f7e56479ac8d5d636818595c710c9aef0f0a2a52bb247c073cbe7e2b0
- SSDEEP
  
  196608:87TUNADQmNVfv9z2EIKTq/VWshffTz5Z6hSCQ1oBsHXNbDusKqm:8ENADQsx9CVJkshfL18SA+XNHu
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer