lumma | 0280259ae16e17c64e9e55c6dc03e13cd09393e410da233b3e895980f60d4098

General

Target

lnstalIer_Offiс[email protected]
Size

156.9MB
Sample

250106-1m4yja1mcj
MD5

bff5c701c0dc7fa81d0efadec2536fe6
SHA1

ab72fea17671d08cfba210139816fc4f83a21b46
SHA256

0280259ae16e17c64e9e55c6dc03e13cd09393e410da233b3e895980f60d4098
SHA512

7f1a0bc633c56eb557675f4e39bef0781b26fba753968092615defac3c1721ca778d7e41f2ffff28971aa62c2d149fbd8025252f27ba3c2458afd75b3ddab9f7
SSDEEP

3145728:ya3cBxra5Pc5HUTg1HTEFSNuFIEZSVu8TnehNDDSnTHLknOuK4CWKApR2I:yaYrg40U1sSNcIE8u8LeTvSnbwaw/yI

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  lnstalIer_Offiс[email protected]
- Size
  
  156.9MB
- MD5
  
  bff5c701c0dc7fa81d0efadec2536fe6
- SHA1
  
  ab72fea17671d08cfba210139816fc4f83a21b46
- SHA256
  
  0280259ae16e17c64e9e55c6dc03e13cd09393e410da233b3e895980f60d4098
- SHA512
  
  7f1a0bc633c56eb557675f4e39bef0781b26fba753968092615defac3c1721ca778d7e41f2ffff28971aa62c2d149fbd8025252f27ba3c2458afd75b3ddab9f7
- SSDEEP
  
  3145728:ya3cBxra5Pc5HUTg1HTEFSNuFIEZSVu8TnehNDDSnTHLknOuK4CWKApR2I:yaYrg40U1sSNcIE8u8LeTvSnbwaw/yI
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2