lumma | 7494b75566c33c247a381887f26054acc2ea068c2485d5d0cef2fca6812e70e6 | Triage

Sharing

General

Target

Solara.exe
Size

526KB
Sample

250107-dsfrkatmfp
MD5

51749a96a9d6c32d40c490e370f1c6c5
SHA1

e4c5b079a557e452b19c24ee8e09d45c0d87df23
SHA256

7494b75566c33c247a381887f26054acc2ea068c2485d5d0cef2fca6812e70e6
SHA512

e4c20bd1bab6f0ef9cea473498d108eda1cf01a29c59da986c350a0834b8fc2d892f6a8810268a2233091d266d4adc4d79699946d974f38672f9815f3b1116f8
SSDEEP

12288:rztE0u86qlmk/5i8go6BrwSMpZg+GBv0JYlCaVJ34:rO0uYlmsD6dGUvHlvJ34

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  Solara.exe
- Size
  
  526KB
- MD5
  
  51749a96a9d6c32d40c490e370f1c6c5
- SHA1
  
  e4c5b079a557e452b19c24ee8e09d45c0d87df23
- SHA256
  
  7494b75566c33c247a381887f26054acc2ea068c2485d5d0cef2fca6812e70e6
- SHA512
  
  e4c20bd1bab6f0ef9cea473498d108eda1cf01a29c59da986c350a0834b8fc2d892f6a8810268a2233091d266d4adc4d79699946d974f38672f9815f3b1116f8
- SSDEEP
  
  12288:rztE0u86qlmk/5i8go6BrwSMpZg+GBv0JYlCaVJ34:rO0uYlmsD6dGUvHlvJ34
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer