lumma | ea29de98bb40573a086cfc2a259034250b6d215c7d90ab68711590daad270c34 | Triage

Sharing

General

Target

SoftWare.exe
Size

113.6MB
Sample

250104-2vk13atldm
MD5

51bd0d5d2f02112a029d2946f4bc0feb
SHA1

909e88ae6459ed7e235e2f4c7f89b89b9d319b2a
SHA256

ea29de98bb40573a086cfc2a259034250b6d215c7d90ab68711590daad270c34
SHA512

d9408fe9db00dace82ab361824c87cf99f6fe5354067aef52d2e575ff2d016313adfbd0a2df56c2d2d053e13f8fcefcb2076dc0d32b55ccbd8a7847e77bc8ccd
SSDEEP

98304:BQMbc4qFxN3cC1SlUFvbWEgq17gdUi7oJeihAtei7IktpOB:B5bw6lUtbWEgq1EdUi7oktpOB

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://reflectsurmise.cfd/api

Targets

- Target
  
  SoftWare.exe
- Size
  
  113.6MB
- MD5
  
  51bd0d5d2f02112a029d2946f4bc0feb
- SHA1
  
  909e88ae6459ed7e235e2f4c7f89b89b9d319b2a
- SHA256
  
  ea29de98bb40573a086cfc2a259034250b6d215c7d90ab68711590daad270c34
- SHA512
  
  d9408fe9db00dace82ab361824c87cf99f6fe5354067aef52d2e575ff2d016313adfbd0a2df56c2d2d053e13f8fcefcb2076dc0d32b55ccbd8a7847e77bc8ccd
- SSDEEP
  
  98304:BQMbc4qFxN3cC1SlUFvbWEgq17gdUi7oJeihAtei7IktpOB:B5bw6lUtbWEgq1EdUi7oktpOB
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer