lumma | f42aa0a453a433888809f12aaae24e6591e567f1e3431f81a5be9003018e650d

General

Target

f42aa0a453a433888809f12aaae24e6591e567f1e3431f81a5be9003018e650d.zip
Size

344KB
Sample

250107-acmy6awpbn
MD5

0cf6d1ddb8b202b07ee40a2d6bbbbaf1
SHA1

8e1cd2dfea912e3982cab75de05962c71c3879a3
SHA256

f42aa0a453a433888809f12aaae24e6591e567f1e3431f81a5be9003018e650d
SHA512

f89f3361d58fa82c6797d28d1ab71905e410df3b0a539dc25e0ec62f5055e8cbe7e1325bc334c742b71cc62c4f137d512a5f6267590100c72aa9e470df309c43
SSDEEP

6144:DTU/zEzdN1rJOKO3JYBm7vSnBtFVJgHafwEJ5hQ9PvC9IzSDH1v48kRNaITLFX:/y2d3rJ1VE7v0XFVJowxJ5hsvuIeDd4F

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

- Target
  
  f42aa0a453a433888809f12aaae24e6591e567f1e3431f81a5be9003018e650d.zip
- Size
  
  344KB
- MD5
  
  0cf6d1ddb8b202b07ee40a2d6bbbbaf1
- SHA1
  
  8e1cd2dfea912e3982cab75de05962c71c3879a3
- SHA256
  
  f42aa0a453a433888809f12aaae24e6591e567f1e3431f81a5be9003018e650d
- SHA512
  
  f89f3361d58fa82c6797d28d1ab71905e410df3b0a539dc25e0ec62f5055e8cbe7e1325bc334c742b71cc62c4f137d512a5f6267590100c72aa9e470df309c43
- SSDEEP
  
  6144:DTU/zEzdN1rJOKO3JYBm7vSnBtFVJgHafwEJ5hQ9PvC9IzSDH1v48kRNaITLFX:/y2d3rJ1VE7v0XFVJowxJ5hsvuIeDd4F
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2