lumma | d097246fca01b72e58cd7ce0ad35bf8e3f517508a9e320d063ae7089ef98517a | Triage

Sharing

General

Target

Installer.exe
Size

26.6MB
Sample

250103-tjkbdsvmfr
MD5

d865604715daec772b3c7bc86cf6cb2c
SHA1

8b34c442dda04930bf535275b5926c06584d0643
SHA256

d097246fca01b72e58cd7ce0ad35bf8e3f517508a9e320d063ae7089ef98517a
SHA512

b0c296302030470d30a5f3327e5cfb0a0745727d8343d75c71a28243d956763d8f8a629c084d4aa6bf5c949874272fff168994f695090785bc0d4aa904eb0e06
SSDEEP

196608:ZJCc+/wmeML2XJ+eTcbn7qAcfM8jFGL0w3Fk:Zd+/wcL2X4eO7wbGL00Fk

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://quialitsuzoxm.shop/api

https://complaintsipzzx.shop/api

https://languagedscie.shop/api

https://mennyudosirso.shop/api

https://bassizcellskz.shop/api

https://deallerospfosu.shop/api

https://writerospzm.shop/api

https://celebratioopz.shop/api

https://solutionpxmuzo.shop/api

Targets

- Target
  
  Installer.exe
- Size
  
  26.6MB
- MD5
  
  d865604715daec772b3c7bc86cf6cb2c
- SHA1
  
  8b34c442dda04930bf535275b5926c06584d0643
- SHA256
  
  d097246fca01b72e58cd7ce0ad35bf8e3f517508a9e320d063ae7089ef98517a
- SHA512
  
  b0c296302030470d30a5f3327e5cfb0a0745727d8343d75c71a28243d956763d8f8a629c084d4aa6bf5c949874272fff168994f695090785bc0d4aa904eb0e06
- SSDEEP
  
  196608:ZJCc+/wmeML2XJ+eTcbn7qAcfM8jFGL0w3Fk:Zd+/wcL2X4eO7wbGL00Fk
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer