lumma | 5104cdc6d23e96ac12c04e7b63b517ea5ee3129fb0dd6afc4649c91a61f1063d

General

Target

2025-01-06_808d19bb17547448cd7544ae23227f2a_frostygoop_poet-rat_snatch
Size

5.2MB
Sample

250106-x4b3asxlbm
MD5

808d19bb17547448cd7544ae23227f2a
SHA1

2d4dbd2cb1848a2ffafbf47f6041310fe3995975
SHA256

5104cdc6d23e96ac12c04e7b63b517ea5ee3129fb0dd6afc4649c91a61f1063d
SHA512

e6969e7015b94552a458802038cd05bb0254ae098108b590459cd78058793f02de86924deedd90448344973c7a8f3fdaa5f7861042ed7ae9831297c6df452a55
SSDEEP

49152:5VCOeg7Y1IRsxaddPda+LnBHnz0BK7a2cG6zZ19NILPxYRJnZlySe1zo4yY6uld7:5UFIR3XnLnBHoBbZ+1zo7b3lP

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://paymom/api

Extracted

Family

lumma

C2

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

Targets

- Target
  
  2025-01-06_808d19bb17547448cd7544ae23227f2a_frostygoop_poet-rat_snatch
- Size
  
  5.2MB
- MD5
  
  808d19bb17547448cd7544ae23227f2a
- SHA1
  
  2d4dbd2cb1848a2ffafbf47f6041310fe3995975
- SHA256
  
  5104cdc6d23e96ac12c04e7b63b517ea5ee3129fb0dd6afc4649c91a61f1063d
- SHA512
  
  e6969e7015b94552a458802038cd05bb0254ae098108b590459cd78058793f02de86924deedd90448344973c7a8f3fdaa5f7861042ed7ae9831297c6df452a55
- SSDEEP
  
  49152:5VCOeg7Y1IRsxaddPda+LnBHnz0BK7a2cG6zZ19NILPxYRJnZlySe1zo4yY6uld7:5UFIR3XnLnBHoBbZ+1zo7b3lP
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2