lumma | d3789d638bfaf2d83e011d05a562fa3b6884e27aa14081c2e72362b6319257c5

General

Target

d3789d638bfaf2d83e011d05a562fa3b6884e27aa14081c2e72362b6319257c5.exe
Size

3.4MB
Sample

250113-gdd6za1ldj
MD5

f4ae7032964e881708199313b446af52
SHA1

3b90cc75e6cacfc111d513c2241b98eb59ceb372
SHA256

d3789d638bfaf2d83e011d05a562fa3b6884e27aa14081c2e72362b6319257c5
SHA512

6066cf529aa78aacb60743152e1a60f97ab3f25e88714e3cd2fe40955f7cc3c1d4be048984f0e6858fcdaef383b7d4930ec82d5489dfe69fc1a90377071f6bf9
SSDEEP

98304:b8JST8ak3xnr06jmQ3CDPpv7RWC+W1N8AI9k5G5jlckAC:oJST8RnwmK9ZKP1AC

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://giftermelde.cfd/api

Extracted

Family

lumma

C2

https://giftermelde.cfd/api

Targets

- Target
  
  d3789d638bfaf2d83e011d05a562fa3b6884e27aa14081c2e72362b6319257c5.exe
- Size
  
  3.4MB
- MD5
  
  f4ae7032964e881708199313b446af52
- SHA1
  
  3b90cc75e6cacfc111d513c2241b98eb59ceb372
- SHA256
  
  d3789d638bfaf2d83e011d05a562fa3b6884e27aa14081c2e72362b6319257c5
- SHA512
  
  6066cf529aa78aacb60743152e1a60f97ab3f25e88714e3cd2fe40955f7cc3c1d4be048984f0e6858fcdaef383b7d4930ec82d5489dfe69fc1a90377071f6bf9
- SSDEEP
  
  98304:b8JST8ak3xnr06jmQ3CDPpv7RWC+W1N8AI9k5G5jlckAC:oJST8RnwmK9ZKP1AC
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of NtCreateUserProcessOtherParentProcess

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2