lumma | 0d1f8012e230a264ca5001a6273912c9e143a06fa045022a35bfe258fca9b77f | Triage

Sharing

General

Target

Temp-Spoofer-main.zip
Size

1.4MB
Sample

250110-sq37eayjbz
MD5

1e413e83af456d76749d0996bd9c69a7
SHA1

4a914947bfd3384ef7209dd68f27b80625d25faa
SHA256

0d1f8012e230a264ca5001a6273912c9e143a06fa045022a35bfe258fca9b77f
SHA512

a0f9b6e4a044d2b52b78db772395d8a86b15f29ddc75a302c5e34472d9f7bbdfff155a407fb2c4e3bdaa6422181706ac9ea1ce4a559f7c7a09df44bb5bb90127
SSDEEP

24576:BbUGpuVhxFetCJgDvdGZ8+rrEStGxqXfl+yR9epE2I0gxiO521UcgazBGqZP:BbvuPx4tCJgDvEZ8grIxOfQjB22LvZP

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Targets

- Target
  
  Temp-Spoofer-main/TempSpoofer.exe
- Size
  
  393KB
- MD5
  
  3c4161be295e9e9d019ce68dae82d60a
- SHA1
  
  36447fc6418e209dff1bb8a5e576f4d46e3b3296
- SHA256
  
  0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d
- SHA512
  
  cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6
- SSDEEP
  
  12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Temp-Spoofer-main/imgui/imgui_widgets.cpp
- Size
  
  398KB
- MD5
  
  4c861b508d279476cabe905125f9f22b
- SHA1
  
  21c66b34182e7a9cb3e9ba19480854ceb622d3a1
- SHA256
  
  c5411fb7b51416995e97478bbb2c77ce752090e41ffaed6aa401936247494cd5
- SHA512
  
  6f3b9edb38a124670764ccca43adf9c5be86dc23fd623b33bf50412125bf9782ff69a4a558e1fac5e5dbdc66b8f647c32a7306096f2afd91dc05b06a2a9e627a
- SSDEEP
  
  6144:mTSoo34Q5XfG21IV+gskMM2MpwFWk1O1EU:mTSoo34Q5XfHwMM2MpYWk1O1F
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4