lumma | fe5117d476a540ae72ba713ae4781c2cb9ffa12503b34a527ad3ca7853de4929 | Triage

Sharing

General

Target

2025-01-05_0a3b8862e11a77eefc443c202ecc8336_magniber
Size

671.8MB
Sample

250105-v45nhasqgr
MD5

0a3b8862e11a77eefc443c202ecc8336
SHA1

a388e011c3aa07a45f269a2ebf5b9e1fab235ef4
SHA256

fe5117d476a540ae72ba713ae4781c2cb9ffa12503b34a527ad3ca7853de4929
SHA512

2b1aa70e48ca5528d2b8f4583ab9a2f7f203028693bbc768442804808860e3be6adaaf77a442bf2d51b5e4f2bfbe41daf16a93a206a7cc7e8b660091e1fa03f3
SSDEEP

49152:4NuYWEYKkHFfTvBJEvUf2vtY7uRfbQswUZcSByYGv5uuv/DYi35PB+MTRx2VT4Gt:4NhWqQFfTjEvUfH7ul5ApZdel

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  2025-01-05_0a3b8862e11a77eefc443c202ecc8336_magniber
- Size
  
  671.8MB
- MD5
  
  0a3b8862e11a77eefc443c202ecc8336
- SHA1
  
  a388e011c3aa07a45f269a2ebf5b9e1fab235ef4
- SHA256
  
  fe5117d476a540ae72ba713ae4781c2cb9ffa12503b34a527ad3ca7853de4929
- SHA512
  
  2b1aa70e48ca5528d2b8f4583ab9a2f7f203028693bbc768442804808860e3be6adaaf77a442bf2d51b5e4f2bfbe41daf16a93a206a7cc7e8b660091e1fa03f3
- SSDEEP
  
  49152:4NuYWEYKkHFfTvBJEvUf2vtY7uRfbQswUZcSByYGv5uuv/DYi35PB+MTRx2VT4Gt:4NhWqQFfTjEvUfH7ul5ApZdel
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer