lumma | 6e7b661fb3b6610bc026dd050824e7faaf3bd3b5fa0b168d941858fc694ba871 | Triage

Sharing

General

Target

6e7b661fb3b6610bc026dd050824e7faaf3bd3b5fa0b168d941858fc694ba871.exe
Size

803KB
Sample

250102-cpr5razpfk
MD5

0792fce4557cae0687a02e5e41be587a
SHA1

1bac30844ed9b13082a7df999518b0cc59759278
SHA256

6e7b661fb3b6610bc026dd050824e7faaf3bd3b5fa0b168d941858fc694ba871
SHA512

b7fb793442afa46c3ba8a3066adaf94453a5324bf717904bb564fde1b14471245e3cd77b6bfff4a5c236551ec4f5ee091121fd6827635c4ddb3394dd627e1426
SSDEEP

12288:h3K1Pp+lMeB8MFA6ln2KKV+FV9cEmRJ3Tn0FA6ln2KKV+FV9cEmRJ3Tn1:lK1PSMZ8A6JoM7cF3gA6JoM7cF3p

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Extracted

Family

lumma

C2

https://fancywaxxers.shop/api

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  6e7b661fb3b6610bc026dd050824e7faaf3bd3b5fa0b168d941858fc694ba871.exe
- Size
  
  803KB
- MD5
  
  0792fce4557cae0687a02e5e41be587a
- SHA1
  
  1bac30844ed9b13082a7df999518b0cc59759278
- SHA256
  
  6e7b661fb3b6610bc026dd050824e7faaf3bd3b5fa0b168d941858fc694ba871
- SHA512
  
  b7fb793442afa46c3ba8a3066adaf94453a5324bf717904bb564fde1b14471245e3cd77b6bfff4a5c236551ec4f5ee091121fd6827635c4ddb3394dd627e1426
- SSDEEP
  
  12288:h3K1Pp+lMeB8MFA6ln2KKV+FV9cEmRJ3Tn0FA6ln2KKV+FV9cEmRJ3Tn1:lK1PSMZ8A6JoM7cF3gA6JoM7cF3p
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer