lumma | f9ecec708bfe25268e7ca2ff29fcf3f7dabd9436af380869fc50afed3d481017

General

Target

f9ecec708bfe25268e7ca2ff29fcf3f7dabd9436af380869fc50afed3d481017.exe
Size

1.4MB
Sample

250102-mdv3daxna1
MD5

21711f151cc8b0c75e855e021fb51b5a
SHA1

2654602e5cc88f8b026591f2b2475ca54bdde495
SHA256

f9ecec708bfe25268e7ca2ff29fcf3f7dabd9436af380869fc50afed3d481017
SHA512

5a9d250c561e4b489732d5a114a79f341afd561b74a4dd2da846a2f2c5c44f765ccc38db33a4c2ef16429bb8729dbe28edc6278f0d42316f8627f1b862926049
SSDEEP

12288:/RPA73+XNi22eari5eVxpb//64UE61OxgUZ7m81rbqi5XGaKy/B+6OWJLBl+QYe5:ZPA73yc22eEi5eVv/64UENxT91rZ

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

https://tacitglibbr.biz/api

Targets

- Target
  
  f9ecec708bfe25268e7ca2ff29fcf3f7dabd9436af380869fc50afed3d481017.exe
- Size
  
  1.4MB
- MD5
  
  21711f151cc8b0c75e855e021fb51b5a
- SHA1
  
  2654602e5cc88f8b026591f2b2475ca54bdde495
- SHA256
  
  f9ecec708bfe25268e7ca2ff29fcf3f7dabd9436af380869fc50afed3d481017
- SHA512
  
  5a9d250c561e4b489732d5a114a79f341afd561b74a4dd2da846a2f2c5c44f765ccc38db33a4c2ef16429bb8729dbe28edc6278f0d42316f8627f1b862926049
- SSDEEP
  
  12288:/RPA73+XNi22eari5eVxpb//64UE61OxgUZ7m81rbqi5XGaKy/B+6OWJLBl+QYe5:ZPA73yc22eEi5eVv/64UENxT91rZ
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2