lumma | 87db8408364a1c89e6e88844bc9eeea00a6ea96f9f925de3db3108714ac347b1 | Triage

Sharing

General

Target

87db8408364a1c89e6e88844bc9eeea00a6ea96f9f925de3db3108714ac347b1N
Size

346KB
Sample

250113-r1wpmsxpgm
MD5

a3194926e2ab5aaf25c91d9acabb5050
SHA1

a17c7bd508d4d741198073563a42efdc8f424236
SHA256

87db8408364a1c89e6e88844bc9eeea00a6ea96f9f925de3db3108714ac347b1
SHA512

85feb389ff32d3a084c961b6d91b3a71c01cb591ceb8894eced7a5347552b5f45449e96ca3d159b4aaf2c3ccdd0a346d0ded83bfd9724ff99740e2e7de70bcf7
SSDEEP

3072:gfDTTckNd5/ncBwbtJbTQ9FKb/70fHuObuZtWURxyBGdbafp4pyFdlP+RpU3wo2N:s/Ndlcy5J4PKn0GWot/R+EbSpsyUMn

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Targets

- Target
  
  87db8408364a1c89e6e88844bc9eeea00a6ea96f9f925de3db3108714ac347b1N
- Size
  
  346KB
- MD5
  
  a3194926e2ab5aaf25c91d9acabb5050
- SHA1
  
  a17c7bd508d4d741198073563a42efdc8f424236
- SHA256
  
  87db8408364a1c89e6e88844bc9eeea00a6ea96f9f925de3db3108714ac347b1
- SHA512
  
  85feb389ff32d3a084c961b6d91b3a71c01cb591ceb8894eced7a5347552b5f45449e96ca3d159b4aaf2c3ccdd0a346d0ded83bfd9724ff99740e2e7de70bcf7
- SSDEEP
  
  3072:gfDTTckNd5/ncBwbtJbTQ9FKb/70fHuObuZtWURxyBGdbafp4pyFdlP+RpU3wo2N:s/Ndlcy5J4PKn0GWot/R+EbSpsyUMn
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2