lumma | 435e590b45ed91e7055e2c9ba57ed75ea6b6e6b77d800854aa0242c7eb06f53c | Triage

Sharing

General

Target

435e590b45ed91e7055e2c9ba57ed75ea6b6e6b77d800854aa0242c7eb06f53c.zip
Size

838KB
Sample

250107-acb7natqhw
MD5

1e0d8a956f1560e6b4a903ac942a1e09
SHA1

2af4f6793a4ef72e94fe338e40e3bb3ca265c848
SHA256

435e590b45ed91e7055e2c9ba57ed75ea6b6e6b77d800854aa0242c7eb06f53c
SHA512

1dca52748d5721bfae9ce3e8dc6e5feccd5ca7d288e94363c6eacfb6104410bc6b8ab4e608ccc00fa29df6ff36b47df306a90f967dcdce52d815b2164387c5f4
SSDEEP

24576:cnDMxthCZvB6r6rnikifsMzxRq+a964GfXgtR:pxthSB6r6xizxRq+P4aXg3

Score

10^/10

lumma discovery persistence stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  violenceknowledgepro/violenceknowledgepro.exe
- Size
  
  889KB
- MD5
  
  d1eadfd356ca8d1415bce200777e72b9
- SHA1
  
  ac5d0d370ee26971cd5f7b62b77c5fc79aa2f801
- SHA256
  
  23a9650b7bee8c9e5b61d1662b611caa998cbce0cb9e6addaede9d4534e8e7a9
- SHA512
  
  8d918091ff2a15149e2e44f88767da0200d28e39a332e35c87cb72f27afc0cce16a2b5d01a60288e3d74d1fee1053da05de137cbe24a3631bc24b2292e180591
- SSDEEP
  
  24576:mfyJ6xNhYZvBSr65Jikifvbjd2rWeg04GfXgtp:TExNhCBSr6Nk0hg04aXg
Score

10^/10

lumma discovery persistence stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverypersistencestealer