lumma | e885e9dcfc014ec389fa2f9ba8ec67a09ceedefa5d69a6762d56763eb8688453

General

Target

UNIVERSAL-HWID-SPOOFER-main.zip
Size

1.5MB
Sample

250103-ba3ghawkdp
MD5

2bbe2d72f5b6b19caa86eeec5ea7b77d
SHA1

1691d32667f9d8a7812b1e19f626b53e315fb5cf
SHA256

e885e9dcfc014ec389fa2f9ba8ec67a09ceedefa5d69a6762d56763eb8688453
SHA512

bf2c2d5cb10855b50b87d0f7d8783cfb5cbb7ef514ad09c2e0c73f71841bd52d1e4aa720b5d0e8b060645c61df8aaaecda16da88ba28507abf949d6504a76169
SSDEEP

24576:Ut5tkNOsn4XeITV8wQhvdGZc+brES9GxiXfliyRNqpE2I0gxiO521UcgazBG6h:UtaOleIThOvEZcIroxmfsjB22L/h

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://covvercilverow.shop/api

https://surroundeocw.shop/api

https://abortinoiwiam.shop/api

https://pumpkinkwquo.shop/api

https://priooozekw.shop/api

https://deallyharvenw.shop/api

https://defenddsouneuw.shop/api

https://racedsuitreow.shop/api

https://roaddrermncomplai.shop/api

Targets

- Target
  
  UNIVERSAL-HWID-SPOOFER-main.zip
- Size
  
  1.5MB
- MD5
  
  2bbe2d72f5b6b19caa86eeec5ea7b77d
- SHA1
  
  1691d32667f9d8a7812b1e19f626b53e315fb5cf
- SHA256
  
  e885e9dcfc014ec389fa2f9ba8ec67a09ceedefa5d69a6762d56763eb8688453
- SHA512
  
  bf2c2d5cb10855b50b87d0f7d8783cfb5cbb7ef514ad09c2e0c73f71841bd52d1e4aa720b5d0e8b060645c61df8aaaecda16da88ba28507abf949d6504a76169
- SSDEEP
  
  24576:Ut5tkNOsn4XeITV8wQhvdGZc+brES9GxiXfliyRNqpE2I0gxiO521UcgazBG6h:UtaOleIThOvEZcIroxmfsjB22L/h
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  UNIVERSAL-HWID-SPOOFER-main/UniversalSpoofer.exe
- Size
  
  550KB
- MD5
  
  ee6be1648866b63fd7f860fa0114f368
- SHA1
  
  42cab62fff29eb98851b33986b637514fc904f4b
- SHA256
  
  e17bf83e09457d8cecd1f3e903fa4c9770e17e823731650a453bc479591ac511
- SHA512
  
  d6492d3b3c1d94d6c87b77a9a248e8c46b889d2e23938ddb8a8e242caccb23e8cd1a1fbeffee6b140cf6fd3ea7e8da89190286a912032ce4a671257bd8e3e28a
- SSDEEP
  
  12288:SQ5vTleU6iA6AiJ/uJxZjUXUxYcuORWETWOORGzbZr4QClJJRJAr6Ok:SQ5pexaALoXe4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2