lumma | 91d4c156828cbd86ae8878a3ac2037d5c84e27c52933892fba57a1b4e463e9e5 | Triage

Sharing

General

Target

Roblox Premium Hack 2025.exe
Size

319KB
Sample

250111-hne2pazkcx
MD5

ff393cba0487b44eeae1c32901f47ba2
SHA1

f80144bd0b1c503668b8b273dd2340e16559a0d3
SHA256

91d4c156828cbd86ae8878a3ac2037d5c84e27c52933892fba57a1b4e463e9e5
SHA512

62560cab667d35d18a11ba436892a4ae76778c746df893dc88017f5dfdf906c81095e17acf961906fbd4050b6e0dd10857ac53360a2e8c42320d51ecb97c4f6e
SSDEEP

6144:06sHvedTG5cAF3CyM9AjB8EsBpMqDzei2Uh8zQ5cdpBSc:CvoGNlk2jGrBpMwei3+1D

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://whisperusz.biz/api

https://fraggielek.biz/api

https://grandiouseziu.biz/api

https://littlenotii.biz/api

https://marketlumpe.biz/api

https://nuttyshopr.biz/api

https://punishzement.biz/api

https://spookycappy.biz/api

https://truculengisau.biz/api

Targets

- Target
  
  Roblox Premium Hack 2025.exe
- Size
  
  319KB
- MD5
  
  ff393cba0487b44eeae1c32901f47ba2
- SHA1
  
  f80144bd0b1c503668b8b273dd2340e16559a0d3
- SHA256
  
  91d4c156828cbd86ae8878a3ac2037d5c84e27c52933892fba57a1b4e463e9e5
- SHA512
  
  62560cab667d35d18a11ba436892a4ae76778c746df893dc88017f5dfdf906c81095e17acf961906fbd4050b6e0dd10857ac53360a2e8c42320d51ecb97c4f6e
- SSDEEP
  
  6144:06sHvedTG5cAF3CyM9AjB8EsBpMqDzei2Uh8zQ5cdpBSc:CvoGNlk2jGrBpMwei3+1D
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer