lumma | 6a8a1de22320a4f52baf0f7aadd6282dbb754f908986330f2c4f0ed0fb873eff

General

Target

6a8a1de22320a4f52baf0f7aadd6282dbb754f908986330f2c4f0ed0fb873eff.zip
Size

5.6MB
Sample

250107-acktsstrfv
MD5

4e57b0af4aaa2b3bb6025ff4ed410cef
SHA1

84f9a13289b7fb27784d60c89d1e45d9f01c4632
SHA256

6a8a1de22320a4f52baf0f7aadd6282dbb754f908986330f2c4f0ed0fb873eff
SHA512

d664ab36ba474083516427da370e9d487dd8e04233f219e887940945c3465b262095947c00342afd450069335223e44ce78cb9928e8f587164e9cffe1b022f97
SSDEEP

98304:MlsjEYVXcp/iU6dae09scZhCqwgZIJbU7MAITViUiWV92ujKTwoVFFuo/XVBh5g:mcXc9iPOVhwC8Q7MAYsUiWVTj8Jf/XVf

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  6a8a1de22320a4f52baf0f7aadd6282dbb754f908986330f2c4f0ed0fb873eff.zip
- Size
  
  5.6MB
- MD5
  
  4e57b0af4aaa2b3bb6025ff4ed410cef
- SHA1
  
  84f9a13289b7fb27784d60c89d1e45d9f01c4632
- SHA256
  
  6a8a1de22320a4f52baf0f7aadd6282dbb754f908986330f2c4f0ed0fb873eff
- SHA512
  
  d664ab36ba474083516427da370e9d487dd8e04233f219e887940945c3465b262095947c00342afd450069335223e44ce78cb9928e8f587164e9cffe1b022f97
- SSDEEP
  
  98304:MlsjEYVXcp/iU6dae09scZhCqwgZIJbU7MAITViUiWV92ujKTwoVFFuo/XVBh5g:mcXc9iPOVhwC8Q7MAYsUiWVTj8Jf/XVf
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2