lumma | f1cf1b082edd56034889eeeaed50d7fd4a653c88e5f6a709bd3f6d0bdd766170 | Triage

Sharing

General

Target

f1cf1b082edd56034889eeeaed50d7fd4a653c88e5f6a709bd3f6d0bdd766170N.exe
Size

501KB
Sample

250103-t1qvhawkdm
MD5

35cd4b2000b5ccc04f5d920e0323d830
SHA1

289186c715418ac46704067d7ae657cb352cc2e2
SHA256

f1cf1b082edd56034889eeeaed50d7fd4a653c88e5f6a709bd3f6d0bdd766170
SHA512

51dd43613137f413b1389e89a7493113ebd2f0a69a810868cde574605a064519c520222cacac08d849b6fe079c2b42a753c232b7731500baac73bbe221f965b0
SSDEEP

12288:6ZqOSYt4cgd2+cOJlnDYrPLPJgu4dgT6lYDfAmy/yqvYkheLk:6sOSKgxbDgPLxZ4GO+yNheQ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  f1cf1b082edd56034889eeeaed50d7fd4a653c88e5f6a709bd3f6d0bdd766170N.exe
- Size
  
  501KB
- MD5
  
  35cd4b2000b5ccc04f5d920e0323d830
- SHA1
  
  289186c715418ac46704067d7ae657cb352cc2e2
- SHA256
  
  f1cf1b082edd56034889eeeaed50d7fd4a653c88e5f6a709bd3f6d0bdd766170
- SHA512
  
  51dd43613137f413b1389e89a7493113ebd2f0a69a810868cde574605a064519c520222cacac08d849b6fe079c2b42a753c232b7731500baac73bbe221f965b0
- SSDEEP
  
  12288:6ZqOSYt4cgd2+cOJlnDYrPLPJgu4dgT6lYDfAmy/yqvYkheLk:6sOSKgxbDgPLxZ4GO+yNheQ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer