lumma | 70d00b2368e0aaf0ec2aefd7e4db5d0f8934bb581da7b5dba5293d92a1743af4

General

Target

tesr.iso
Size

12.5MB
Sample

250113-jftesavqdl
MD5

334a290f09f8469e59b4aa9c0847f971
SHA1

d1278c450140e546bc177306a1fc80d3d596bc48
SHA256

70d00b2368e0aaf0ec2aefd7e4db5d0f8934bb581da7b5dba5293d92a1743af4
SHA512

ef2fe7d7100dc83a3ab020465d52986602d8ba6b3a13833e2cf5bd12947bd4bbe0e7feaecd2d74462d9bddc393737cbb4ca72b7d8b760af80c9770d932a1fedc
SSDEEP

393216:a34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:s4I/njtQOr50Sqf

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api

Targets

- Target
  
  tesr.exe
- Size
  
  12.1MB
- MD5
  
  4f96b4d0061d45b08d73e3526d82630f
- SHA1
  
  15d6d2445d55db393adf30f0bf7f4b649c098257
- SHA256
  
  30bc5b4729f0ae6ea5e1eb44654e739040f29941b5e6d2436b10ae93a98e5e6b
- SHA512
  
  6b50eb6e642adb840497b95e0dd5248054752027c15627c2a6262a4e7497c78d1a7eb7b1936c7d8c6f94557b99fcb465e5514f707e04f5f7cc1efee69216a372
- SSDEEP
  
  393216:R34OXjrnjnEEQWbPbqeQ2K3G/JXa42gqf:R4I/njtQOr50Sqf
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2