lumma | 39eff4e2681f1608e8b38160a1667315cc6f48bede67bc317b5f5b87f5392177 | Triage

Sharing

General

Target

Luna.exe
Size

744KB
Sample

250102-ebvpts1pez
MD5

0bfe4694a087ec99980de38f282816c2
SHA1

8a322fce77387f1bf472779573e4c33b8f4d1802
SHA256

39eff4e2681f1608e8b38160a1667315cc6f48bede67bc317b5f5b87f5392177
SHA512

d2ce46abd155abd295cf96c420e06a9c4414f4f44c67e9bff4d25e056c146d35012c472348c09651fbf09b3747e757681b5759ab3f5f2fefdc808af8e7fc159a
SSDEEP

12288:zrCWd/PuP/6IQILepsga9QfZeQrLcOluyiA0E3qSCWXJAcVn/4VEFqPLCQ8A2Ytn:LxWX6ZIL7QfQQUOl133qSCy//cd

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

- Target
  
  Luna.exe
- Size
  
  744KB
- MD5
  
  0bfe4694a087ec99980de38f282816c2
- SHA1
  
  8a322fce77387f1bf472779573e4c33b8f4d1802
- SHA256
  
  39eff4e2681f1608e8b38160a1667315cc6f48bede67bc317b5f5b87f5392177
- SHA512
  
  d2ce46abd155abd295cf96c420e06a9c4414f4f44c67e9bff4d25e056c146d35012c472348c09651fbf09b3747e757681b5759ab3f5f2fefdc808af8e7fc159a
- SSDEEP
  
  12288:zrCWd/PuP/6IQILepsga9QfZeQrLcOluyiA0E3qSCWXJAcVn/4VEFqPLCQ8A2Ytn:LxWX6ZIL7QfQQUOl133qSCy//cd
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer