lumma | fee7771775597b5552bf7fe898d0f2fe2c7945b7208c78fad912b9902a8b0f87 | Triage

Submit
Reports

Overview

overview

Static

static

7

solarafdh3...8).zip

windows10-2004-x64

Sharing

General

Target

solarafdh3wy (6868).zip
Size

371KB
Sample

250113-esm2baxqbl
MD5

06f129971e7657b5c33929df3f7a3494
SHA1

6463b90cf44d7ffc87833868e3e13089a288b6f3
SHA256

fee7771775597b5552bf7fe898d0f2fe2c7945b7208c78fad912b9902a8b0f87
SHA512

ade80ea45ca3551a61f1acd31245741d34b225d06790e3a7e52d6b94babc0dc83a5b885ab770084b5439c294cf8afa43bf142237ebf6a8643b5d03a9059c94e0
SSDEEP

6144:IorbNB4hcAyHu6py+hHp0zL9lV9mWjxznuUy/ygfj1yghILCU+NIi3Fd1Pyh8MgN:Iorb34hcH0oJ0zLTnuUy6m1ygh2+NIi3

Score

10^/10

lumma discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

solarafdh3wy (6868).zip

Resource

win10v2004-20241007-en

lumma discovery stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://robinsharez.shop/api

https://handscreamny.shop/api

https://chipdonkeruz.shop/api

https://versersleep.shop/api

https://crowdwarek.shop/api

https://apporholis.shop/api

https://femalsabler.shop/api

https://soundtappysk.shop/api

Targets

- Target
  
  solarafdh3wy (6868).zip
- Size
  
  371KB
- MD5
  
  06f129971e7657b5c33929df3f7a3494
- SHA1
  
  6463b90cf44d7ffc87833868e3e13089a288b6f3
- SHA256
  
  fee7771775597b5552bf7fe898d0f2fe2c7945b7208c78fad912b9902a8b0f87
- SHA512
  
  ade80ea45ca3551a61f1acd31245741d34b225d06790e3a7e52d6b94babc0dc83a5b885ab770084b5439c294cf8afa43bf142237ebf6a8643b5d03a9059c94e0
- SSDEEP
  
  6144:IorbNB4hcAyHu6py+hHp0zL9lV9mWjxznuUy/ygfj1yghILCU+NIi3Fd1Pyh8MgN:Iorb34hcH0oJ0zLTnuUy6m1ygh2+NIi3
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2025

Terms | Privacy