lumma | 52d8ad7e3af648b152b1f389c09e476c9fc1c6d919205a3b761ea45494f9707f | Triage

Sharing

General

Target

App v1.9 loader.rar
Size

114.3MB
Sample

250108-28f92axpaz
MD5

99307f63c41c423a36d45cfda5d5b7be
SHA1

aad3b4249e78f4f7290d653e9ed43e4b9429f2cb
SHA256

52d8ad7e3af648b152b1f389c09e476c9fc1c6d919205a3b761ea45494f9707f
SHA512

5dacba32dd0340fdbe41bc63e59138195a2ba3d1a03f15c099d3c2253d06f7c07d0192e138622d4a0d1436dc1fc5587ac5b63b3c299e033b4a3db361553dad2f
SSDEEP

3145728:LYAf8wsnMaUjhgfGTuK4G63nxnhMaOT7EyjWDWAkRI33nWN87/:L9DqGy3/3nphLOBKWAoW7/

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

https://letterdrive.shop/api

Targets

- Target
  
  App v1.9 loader.rar
- Size
  
  114.3MB
- MD5
  
  99307f63c41c423a36d45cfda5d5b7be
- SHA1
  
  aad3b4249e78f4f7290d653e9ed43e4b9429f2cb
- SHA256
  
  52d8ad7e3af648b152b1f389c09e476c9fc1c6d919205a3b761ea45494f9707f
- SHA512
  
  5dacba32dd0340fdbe41bc63e59138195a2ba3d1a03f15c099d3c2253d06f7c07d0192e138622d4a0d1436dc1fc5587ac5b63b3c299e033b4a3db361553dad2f
- SSDEEP
  
  3145728:LYAf8wsnMaUjhgfGTuK4G63nxnhMaOT7EyjWDWAkRI33nWN87/:L9DqGy3/3nphLOBKWAoW7/
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer