lumma | 6c1aebbf3ca02f341c5c1780855da45130d749d3c49f8d35f9f115fe7ef779f8 | Triage

Sharing

General

Target

0PENM3.zip
Size

415KB
Sample

250111-bdjtkaylep
MD5

6360f16fc357154d539ea645bd770275
SHA1

9b4b81df7499bd09be8ae34740252998608e8797
SHA256

6c1aebbf3ca02f341c5c1780855da45130d749d3c49f8d35f9f115fe7ef779f8
SHA512

f374b966cc221c44ceae82af7e518920b7494d91c42e7fc39a36fd9bd4e19813bffdfbfa58b02b8855f821fbc2c9b2365ae01f0c2acbcc16699b53d839f1ff27
SSDEEP

12288:dhxWN97tvj/drrcYsfgz1yCyZlz93uyXo18d4lRYqa:dhxYLrc74zsCazuhGcRYr

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toemagnifuy.biz/api

https://fraggielek.biz/api

https://grandiouseziu.biz/api

https://littlenotii.biz/api

https://marketlumpe.biz/api

https://nuttyshopr.biz/api

https://punishzement.biz/api

https://spookycappy.biz/api

https://truculengisau.biz/api

Targets

- Target
  
  0PENM3.zip
- Size
  
  415KB
- MD5
  
  6360f16fc357154d539ea645bd770275
- SHA1
  
  9b4b81df7499bd09be8ae34740252998608e8797
- SHA256
  
  6c1aebbf3ca02f341c5c1780855da45130d749d3c49f8d35f9f115fe7ef779f8
- SHA512
  
  f374b966cc221c44ceae82af7e518920b7494d91c42e7fc39a36fd9bd4e19813bffdfbfa58b02b8855f821fbc2c9b2365ae01f0c2acbcc16699b53d839f1ff27
- SSDEEP
  
  12288:dhxWN97tvj/drrcYsfgz1yCyZlz93uyXo18d4lRYqa:dhxYLrc74zsCazuhGcRYr
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer