lumma | d7f82fb48a1f96d0ab9a36fb14331ed1a618e980872830a865a08ae3f4a2d51a | Triage

Sharing

General

Target

d7f82fb48a1f96d0ab9a36fb14331ed1a618e980872830a865a08ae3f4a2d51a.zip
Size

651KB
Sample

250107-ack5katrf1
MD5

48df1349522495797220fdbca34d842b
SHA1

c1de44d4930c7585d941ebe1ac753c60a1bb11c2
SHA256

d7f82fb48a1f96d0ab9a36fb14331ed1a618e980872830a865a08ae3f4a2d51a
SHA512

7efa857c1ab4e76de4022a86d412a0555c663c92c98d4f61e70681690436fac03156bc295a855754218bf227c17d33678c795ab99597c6801848082ff957f81c
SSDEEP

12288:ReIdvFSLpJQBr8JJXindgAP1LbyxEac64p9y:RLdAt6DndgAP1sEa2

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://spellshagey.biz/api

Targets

- Target
  
  d7f82fb48a1f96d0ab9a36fb14331ed1a618e980872830a865a08ae3f4a2d51a.zip
- Size
  
  651KB
- MD5
  
  48df1349522495797220fdbca34d842b
- SHA1
  
  c1de44d4930c7585d941ebe1ac753c60a1bb11c2
- SHA256
  
  d7f82fb48a1f96d0ab9a36fb14331ed1a618e980872830a865a08ae3f4a2d51a
- SHA512
  
  7efa857c1ab4e76de4022a86d412a0555c663c92c98d4f61e70681690436fac03156bc295a855754218bf227c17d33678c795ab99597c6801848082ff957f81c
- SSDEEP
  
  12288:ReIdvFSLpJQBr8JJXindgAP1LbyxEac64p9y:RLdAt6DndgAP1sEa2
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer