lumma | 87b36173ca980e886f2f2d96ce6b5aae2d91e6c4c47a17f7feca522ccb09cdc7 | Triage

Sharing

General

Target

87b36173ca980e886f2f2d96ce6b5aae2d91e6c4c47a17f7feca522ccb09cdc7
Size

1.9MB
Sample

250115-s9baqsxkgt
MD5

22b7f0553c0598c09af7b4d22189cca1
SHA1

be75b6c66695cb6a8d0b1a77f787193557e69f18
SHA256

87b36173ca980e886f2f2d96ce6b5aae2d91e6c4c47a17f7feca522ccb09cdc7
SHA512

048317ecd9656ab1615f2acea7f2fb95cb52549919c5a63690a4743f1d1bed5df2a7ae21969687f4ee172871229f297f68ddb4bccf3fe0727d1983a87f2fb39d
SSDEEP

24576:8Bp+kS4q8ISl7CWFzWsdgHTK8zTq0tD1PW9wqhMglodNDXiaLTSkk0C:UtS4q8I6Ou5dgHTK87tpO9pojiaL7C

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://wrensavoruziu.cyou/api

Targets

- Target
  
  87b36173ca980e886f2f2d96ce6b5aae2d91e6c4c47a17f7feca522ccb09cdc7
- Size
  
  1.9MB
- MD5
  
  22b7f0553c0598c09af7b4d22189cca1
- SHA1
  
  be75b6c66695cb6a8d0b1a77f787193557e69f18
- SHA256
  
  87b36173ca980e886f2f2d96ce6b5aae2d91e6c4c47a17f7feca522ccb09cdc7
- SHA512
  
  048317ecd9656ab1615f2acea7f2fb95cb52549919c5a63690a4743f1d1bed5df2a7ae21969687f4ee172871229f297f68ddb4bccf3fe0727d1983a87f2fb39d
- SSDEEP
  
  24576:8Bp+kS4q8ISl7CWFzWsdgHTK8zTq0tD1PW9wqhMglodNDXiaLTSkk0C:UtS4q8I6Ou5dgHTK87tpO9pojiaL7C
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer