lumma | fa56244a9d4b7a4cdd74fb856dacd249ab8a31326ec8c6795a79b5f304bae948 | Triage

Sharing

General

Target

Caldera-Loader.exe
Size

618KB
Sample

250111-wy8cwaxrgr
MD5

a4f9e4cb897c99a47a0b78dd330ecc75
SHA1

c5d63589a5a1db6f66472bbafef087b1188b7d03
SHA256

fa56244a9d4b7a4cdd74fb856dacd249ab8a31326ec8c6795a79b5f304bae948
SHA512

73f04f97951b5b3a3ce72a760f1a25b8c4a550956fd1fbc100cd2111dde365f76df9688b75b93ca67f1e87ab49d79cbf0dcd477b69689ddc5466d019738f5716
SSDEEP

12288:+V9JLFQBROFSlYu1BDzOelH7TkZm21dvDUVYYY+H:+VoEu1RaelH7TkZm21dvDUVYYY+

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

Targets

- Target
  
  Caldera-Loader.exe
- Size
  
  618KB
- MD5
  
  a4f9e4cb897c99a47a0b78dd330ecc75
- SHA1
  
  c5d63589a5a1db6f66472bbafef087b1188b7d03
- SHA256
  
  fa56244a9d4b7a4cdd74fb856dacd249ab8a31326ec8c6795a79b5f304bae948
- SHA512
  
  73f04f97951b5b3a3ce72a760f1a25b8c4a550956fd1fbc100cd2111dde365f76df9688b75b93ca67f1e87ab49d79cbf0dcd477b69689ddc5466d019738f5716
- SSDEEP
  
  12288:+V9JLFQBROFSlYu1BDzOelH7TkZm21dvDUVYYY+H:+VoEu1RaelH7TkZm21dvDUVYYY+
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer