lumma | 6f0df40928071c599955dfa09d5f4596a823ad68b887c228a8e810287d856b66 | Triage

Sharing

General

Target

NewUpd [v1.1.0].exe
Size

1.9MB
Sample

250103-cjb7cavmav
MD5

11009591ca02b389f69e8c8e34f3f0c3
SHA1

de3e14d918d6aa164112c7339f85f67e60291616
SHA256

6f0df40928071c599955dfa09d5f4596a823ad68b887c228a8e810287d856b66
SHA512

1ea9ce27abdd7d8ee4aa139ede7e856b3e7404cb30259e2fdd09b2125bbc0aade93e25568ce426e82bcf45167982cdff51432ed20d8db7e8b8e9d1c03ae513aa
SSDEEP

24576:woWteRKeZUihWNS0fLw0E5+VulD0UnwTpkFWjuwbnFjx+Fyq1OeHwWOTMes8:IdzE0E5+MznUuwJF81EXwJ8

Score

10^/10

lumma discovery phishing stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://begguinnerz.biz/api

Extracted

Family

lumma

C2

https://begguinnerz.biz/api

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

- Target
  
  NewUpd [v1.1.0].exe
- Size
  
  1.9MB
- MD5
  
  11009591ca02b389f69e8c8e34f3f0c3
- SHA1
  
  de3e14d918d6aa164112c7339f85f67e60291616
- SHA256
  
  6f0df40928071c599955dfa09d5f4596a823ad68b887c228a8e810287d856b66
- SHA512
  
  1ea9ce27abdd7d8ee4aa139ede7e856b3e7404cb30259e2fdd09b2125bbc0aade93e25568ce426e82bcf45167982cdff51432ed20d8db7e8b8e9d1c03ae513aa
- SSDEEP
  
  24576:woWteRKeZUihWNS0fLw0E5+VulD0UnwTpkFWjuwbnFjx+Fyq1OeHwWOTMes8:IdzE0E5+MznUuwJF81EXwJ8
Score

10^/10

discovery lumma phishing stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoveryphishingstealer