lumma | fbcc0fd22263143795c7caac525dd335be40e301d85feffd0b281ab067f43b71 | Triage

Sharing

General

Target

FORTNITE-MACROS-EDITOR-V2.5-main.zip
Size

4.0MB
Sample

250103-bc51eawlaq
MD5

ba8abe5f5c78dc6f124664dbc03fdc9f
SHA1

2215a96726b89bfcf74e6343b57246da89dde7de
SHA256

fbcc0fd22263143795c7caac525dd335be40e301d85feffd0b281ab067f43b71
SHA512

fe058fc3c558a4a0aee77214b67e298598c83fd91bb7446ab445bd2afa94daa3218f731a9196c4bad6001a7fb4beb256ab60d86190bef59b24f0833d8d627321
SSDEEP

98304:Xvkx44JDY8SyX67ClS7bxsuvKedVdXbiXUAnm+qkGVqLCXjtBAdIz:X2fDYz3BX9vDpLiXUB+nG0LW/V

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Targets

- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/FORTNITE MACROS EDITOR V2.5.exe
- Size
  
  393KB
- MD5
  
  3c4161be295e9e9d019ce68dae82d60a
- SHA1
  
  36447fc6418e209dff1bb8a5e576f4d46e3b3296
- SHA256
  
  0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d
- SHA512
  
  cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6
- SSDEEP
  
  12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  FORTNITE-MACROS-EDITOR-V2.5-main/Family.dll
- Size
  
  9.0MB
- MD5
  
  2373e8926abd289334d46f4e74f27f74
- SHA1
  
  e843ce8fe497dda015ae070e2446d88b44b5a120
- SHA256
  
  71f5d38e9436fb0b2e88f7697567a501d6453de397c2ea72d56bc3a4d91cd022
- SHA512
  
  129e50b461ba1442e70327fe99403d7e5dc611dc5d075c3a11ce05b7fba12dc49a6ba0eb3193608437a490da2f974739ed321f761e8652a61d68543dc337c50d
- SSDEEP
  
  98304:BA4q3d0aAo533UlWykW2HB6ZJM9cYKPY:BA4Eyo50lWyj2HB6Zq99K
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4