lumma | fe072d0c4706d77602850b4afc29fc920c09023d7baf50ad2d2a4a660ae47290 | Triage

Sharing

General

Target

2025-01-12_7c21404e98bdac8937e6f1186ff7abff_frostygoop_poet-rat_snatch
Size

6.4MB
Sample

250112-vxvjys1nbx
MD5

7c21404e98bdac8937e6f1186ff7abff
SHA1

77dd07abe63791ab68974e46ad1c4e97f776c57b
SHA256

fe072d0c4706d77602850b4afc29fc920c09023d7baf50ad2d2a4a660ae47290
SHA512

aab3771fc9d9e5ba67caa0d9bb3f771d18b33e9d5d70450324ac32f51618f0ab09382f6ba898e06d8426e7aebe0ac9971c955d81a98a96239faee2711bb0a124
SSDEEP

49152:RRjPNsuk1DCquwOdv1VdpV1Z008/42f3MII+rvIV2CCW9vp6x1UpeeNXi:R9PNs5F2wOdDbVi/A4C9vzpRXi

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://owerinternal.sbs/api

Targets

- Target
  
  2025-01-12_7c21404e98bdac8937e6f1186ff7abff_frostygoop_poet-rat_snatch
- Size
  
  6.4MB
- MD5
  
  7c21404e98bdac8937e6f1186ff7abff
- SHA1
  
  77dd07abe63791ab68974e46ad1c4e97f776c57b
- SHA256
  
  fe072d0c4706d77602850b4afc29fc920c09023d7baf50ad2d2a4a660ae47290
- SHA512
  
  aab3771fc9d9e5ba67caa0d9bb3f771d18b33e9d5d70450324ac32f51618f0ab09382f6ba898e06d8426e7aebe0ac9971c955d81a98a96239faee2711bb0a124
- SSDEEP
  
  49152:RRjPNsuk1DCquwOdv1VdpV1Z008/42f3MII+rvIV2CCW9vp6x1UpeeNXi:R9PNs5F2wOdDbVi/A4C9vzpRXi
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer