lumma | 34de42bdf2b9429c9069106b052533d3d8242336a9624a370be2b07d0557f9cc | Triage

Sharing

General

Target

Epsilon (Epsilon).zip
Size

17.1MB
Sample

250108-j3fr7stnfk
MD5

5e7e3fdab96e2e593c884b3d2f27d340
SHA1

8507f07bf0279ad43099a717d17f175704a94ff3
SHA256

34de42bdf2b9429c9069106b052533d3d8242336a9624a370be2b07d0557f9cc
SHA512

98195eef47a1eee3c3326695e8a3a7f59e582284bd1aacf35898a4197da86bc04d0448e37cb478df755e748dc32697cb791d2c18ce3ffec6d709580285e741b5
SSDEEP

196608:fkH6/dEdNCFWoOG0z1NYr1BIIUZc8Ovno3MP5M16JZ2g7gY6zExf6xtwkIZmBQcu:EdgWlZNYsImMx46J45EQU7ZwasJ3B3Dg

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

https://letterdrive.shop/api

Extracted

Family

lumma

C2

https://letterdrive.shop/api

https://soundtappysk.shop/api

https://femalsabler.shop/api

https://apporholis.shop/api

https://crowdwarek.shop/api

https://versersleep.shop/api

https://chipdonkeruz.shop/api

https://handscreamny.shop/api

https://robinsharez.shop/api

Targets

- Target
  
  Epsilon (Epsilon).zip
- Size
  
  17.1MB
- MD5
  
  5e7e3fdab96e2e593c884b3d2f27d340
- SHA1
  
  8507f07bf0279ad43099a717d17f175704a94ff3
- SHA256
  
  34de42bdf2b9429c9069106b052533d3d8242336a9624a370be2b07d0557f9cc
- SHA512
  
  98195eef47a1eee3c3326695e8a3a7f59e582284bd1aacf35898a4197da86bc04d0448e37cb478df755e748dc32697cb791d2c18ce3ffec6d709580285e741b5
- SSDEEP
  
  196608:fkH6/dEdNCFWoOG0z1NYr1BIIUZc8Ovno3MP5M16JZ2g7gY6zExf6xtwkIZmBQcu:EdgWlZNYsImMx46J45EQU7ZwasJ3B3Dg
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer