lumma | 1f831d8bf35ec5f5a8312bdf75061e4bfb7d8bdff4a096473db027b55002228a | Triage

Sharing

General

Target

Reborn (2025).zip
Size

21.3MB
Sample

250108-j4v9aatpbp
MD5

450dde0ccb539d2aa5b22fc3af72a7b3
SHA1

11a57f9b8a0bdbb5b7ae506dade051ec3ab8c4cb
SHA256

1f831d8bf35ec5f5a8312bdf75061e4bfb7d8bdff4a096473db027b55002228a
SHA512

9ee4b53bcc3a8f9f12c72950ac1658462be87afb6af9b12fb5284fb6a5c79611b6810ad98ee80b732a572194a14319efcaf1514cc443e5f569273cec8f3807f4
SSDEEP

393216:ObBv0SoGMUtNEcqUWeOQi7ItRai6DjPy/LEy+Yaedz1ERL2F3r/ByP:O1FoboEZUWumSRaDjoQy+Yvgi1yP

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  Reborn (2025).zip
- Size
  
  21.3MB
- MD5
  
  450dde0ccb539d2aa5b22fc3af72a7b3
- SHA1
  
  11a57f9b8a0bdbb5b7ae506dade051ec3ab8c4cb
- SHA256
  
  1f831d8bf35ec5f5a8312bdf75061e4bfb7d8bdff4a096473db027b55002228a
- SHA512
  
  9ee4b53bcc3a8f9f12c72950ac1658462be87afb6af9b12fb5284fb6a5c79611b6810ad98ee80b732a572194a14319efcaf1514cc443e5f569273cec8f3807f4
- SSDEEP
  
  393216:ObBv0SoGMUtNEcqUWeOQi7ItRai6DjPy/LEy+Yaedz1ERL2F3r/ByP:O1FoboEZUWumSRaDjoQy+Yvgi1yP
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer