lumma | fe84e5a3c6e61f707036117078cb6da9ecfba7dd70e8e54baf57d8940ba0c717

General

Target

fe84e5a3c6e61f707036117078cb6da9ecfba7dd70e8e54baf57d8940ba0c717.zip
Size

356KB
Sample

250107-accs7atqh1
MD5

e035de79880fd215c3819c350d437d17
SHA1

310b4809c0ea96cf022e687254d29b582e909954
SHA256

fe84e5a3c6e61f707036117078cb6da9ecfba7dd70e8e54baf57d8940ba0c717
SHA512

873b7931b8acd4293a590a3ff3da2b7973653e4c12ec231fcf10bbb62b1466ba5c9ac7c5ae1d0c10947e92f4e6152bc798501eb5405a44af9f8d2cadc2581052
SSDEEP

6144:9dO2U+hMdtR2h66yCeBbZoYdBrMAbsF6tujYqMyN2dvXYPC1:9MaMdr2h66ABbvMag6tfhVYPu

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  fe84e5a3c6e61f707036117078cb6da9ecfba7dd70e8e54baf57d8940ba0c717.zip
- Size
  
  356KB
- MD5
  
  e035de79880fd215c3819c350d437d17
- SHA1
  
  310b4809c0ea96cf022e687254d29b582e909954
- SHA256
  
  fe84e5a3c6e61f707036117078cb6da9ecfba7dd70e8e54baf57d8940ba0c717
- SHA512
  
  873b7931b8acd4293a590a3ff3da2b7973653e4c12ec231fcf10bbb62b1466ba5c9ac7c5ae1d0c10947e92f4e6152bc798501eb5405a44af9f8d2cadc2581052
- SSDEEP
  
  6144:9dO2U+hMdtR2h66yCeBbZoYdBrMAbsF6tujYqMyN2dvXYPC1:9MaMdr2h66ABbvMag6tfhVYPu
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

.NET Reactor proctector

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2