lumma | f121b2ec2ce98612b83371a094d7f3197be2cc31de5e5b413d95ce5a198f1307 | Triage

Sharing

General

Target

Loader.exe
Size

793KB
Sample

250102-ypbnnatncw
MD5

90c88f6ac47e6e1f1f907f165a021dd3
SHA1

26cd44958ca1045f9abcdeb0b7346f35df691f9c
SHA256

f121b2ec2ce98612b83371a094d7f3197be2cc31de5e5b413d95ce5a198f1307
SHA512

f6f93b6e979b6ba8e0a1d13b240a3dc6523016b7ea00bfdf80eb1add82fcc11e99f2d796c44dedd2dd2c63b603cd0265338bdfc4ccf015a57695968ffd02b894
SSDEEP

12288:d3K1Pp+lMeB8UODTAFKHMRTv5TOODTAFKHMRTv5Tr:JK1PSMZx0FKsRTxT/0FKsRTxTr

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

- Target
  
  Loader.exe
- Size
  
  793KB
- MD5
  
  90c88f6ac47e6e1f1f907f165a021dd3
- SHA1
  
  26cd44958ca1045f9abcdeb0b7346f35df691f9c
- SHA256
  
  f121b2ec2ce98612b83371a094d7f3197be2cc31de5e5b413d95ce5a198f1307
- SHA512
  
  f6f93b6e979b6ba8e0a1d13b240a3dc6523016b7ea00bfdf80eb1add82fcc11e99f2d796c44dedd2dd2c63b603cd0265338bdfc4ccf015a57695968ffd02b894
- SSDEEP
  
  12288:d3K1Pp+lMeB8UODTAFKHMRTv5TOODTAFKHMRTv5Tr:JK1PSMZx0FKsRTxT/0FKsRTxTr
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer