lumma | 83901468563a8415145b97d742fc21f917181fb4aed73b3ecc25b08199625158

General

Target

83901468563a8415145b97d742fc21f917181fb4aed73b3ecc25b08199625158N.exe
Size

1.4MB
Sample

250101-yt3myatqbp
MD5

23ee78bc188e01d4c44038f5e3f29ac0
SHA1

2144e4aeed0859d037c17c9652459da3ab24bbcd
SHA256

83901468563a8415145b97d742fc21f917181fb4aed73b3ecc25b08199625158
SHA512

e12b93adb008bdfbffbb68d3b0a67009cfc618ecf3b7f41c90e2787625a81057acf7df146df21a1c83c8ec9930ab415492ed2457b1ce1b5d96b3bf66938c672b
SSDEEP

12288:/RPA73+XNi22eari5eVxpb//64UE61OxgUZ7m81rbqi5XGaKy/B+6OWJLBl+QYeb:ZPA73yc22eEi5eVv/64UENxT91r7

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

https://tacitglibbr.biz/api

Targets

- Target
  
  83901468563a8415145b97d742fc21f917181fb4aed73b3ecc25b08199625158N.exe
- Size
  
  1.4MB
- MD5
  
  23ee78bc188e01d4c44038f5e3f29ac0
- SHA1
  
  2144e4aeed0859d037c17c9652459da3ab24bbcd
- SHA256
  
  83901468563a8415145b97d742fc21f917181fb4aed73b3ecc25b08199625158
- SHA512
  
  e12b93adb008bdfbffbb68d3b0a67009cfc618ecf3b7f41c90e2787625a81057acf7df146df21a1c83c8ec9930ab415492ed2457b1ce1b5d96b3bf66938c672b
- SSDEEP
  
  12288:/RPA73+XNi22eari5eVxpb//64UE61OxgUZ7m81rbqi5XGaKy/B+6OWJLBl+QYeb:ZPA73yc22eEi5eVv/64UENxT91r7
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2