lumma | 3350d611b51cebd812bb182308596540849f3424d85b8982bc09ef84d61a9f3b | Triage

Sharing

General

Target

#Pa$$w0rD__6654--0peɴ_Set-Up#$.zip
Size

14.7MB
Sample

250109-tbtj4awkbr
MD5

1e4f1d3c6c9cb99268a25c119e4e4213
SHA1

81f0f9b9ffe8d33df6c0fbbf276414e5539b1929
SHA256

3350d611b51cebd812bb182308596540849f3424d85b8982bc09ef84d61a9f3b
SHA512

e3cc3917c75dba1765ecf2738ae2f965fc07608cf91c5fe5731134a87797560ba2211ac4fd835fc0aeaceaed5adf3b68dbe712716702e0ead8a34d4d80e53bc3
SSDEEP

393216:V6EDhiWkMm2gPYCGItVOZplHasTGODNL4RUza:V5hhk/3YCGzpl6siOpkR1

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://rhythmsellk.cyou/api

Targets

- Target
  
  #Pa$$w0rD__6654--0peɴ_Set-Up#$.7z
- Size
  
  14.7MB
- MD5
  
  bd3d69eee6c586f371bba421c57b8513
- SHA1
  
  5cf3ff7a27c43cddf350f8d12320ed2934936c3a
- SHA256
  
  c9b8e74f330a39b46141d6411fee9d64d6a20d14547ccafee13924d4443d1337
- SHA512
  
  74d6284fa5b7ab553b597165280e1f9ee4553230cc617e2e17f18156cca1e6f84e0350e7e3d68ea51814ca5e5f69fc7b474c826990819e7c8766eb8a43ce7fc1
- SSDEEP
  
  393216:O6EDhiWkMm2gPYCGItVOZplHasTGODNL4RUzn:O5hhk/3YCGzpl6siOpkR4
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer