lumma | e6ce4276746ce12b5ec683636a98ce7727d7f863c55517a958d3a521fcc3fff0

General

Target

2025-01-04_2551b4fc6eeed7c64d61ec74010878a6_frostygoop_poet-rat_snatch
Size

8.5MB
Sample

250104-j9nfmatkbp
MD5

2551b4fc6eeed7c64d61ec74010878a6
SHA1

5eda6c5c9ba9ac6d9d95ddb86a69e8e46ea2efe3
SHA256

e6ce4276746ce12b5ec683636a98ce7727d7f863c55517a958d3a521fcc3fff0
SHA512

304a466f83d510fb04e8d2dc9e9f2eaa576fe832f7aa2ff398c9d5d5f89ec02696e94a87ff2a3ac566ccbc8bbcbba5cc98cd71ee028dd11a2deaadab00131da3
SSDEEP

98304:VefHuNHB7+FG208z4yBaeQwYRLe+KeBia33v8DvD:UPuc08z41ia33vib

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Targets

- Target
  
  2025-01-04_2551b4fc6eeed7c64d61ec74010878a6_frostygoop_poet-rat_snatch
- Size
  
  8.5MB
- MD5
  
  2551b4fc6eeed7c64d61ec74010878a6
- SHA1
  
  5eda6c5c9ba9ac6d9d95ddb86a69e8e46ea2efe3
- SHA256
  
  e6ce4276746ce12b5ec683636a98ce7727d7f863c55517a958d3a521fcc3fff0
- SHA512
  
  304a466f83d510fb04e8d2dc9e9f2eaa576fe832f7aa2ff398c9d5d5f89ec02696e94a87ff2a3ac566ccbc8bbcbba5cc98cd71ee028dd11a2deaadab00131da3
- SSDEEP
  
  98304:VefHuNHB7+FG208z4yBaeQwYRLe+KeBia33v8DvD:UPuc08z41ia33vib
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2