lumma | aa86c065eb6782b94d0ed16ad51a1d042db48e0acc3b7891a205d98135d43bda | Triage

Sharing

General

Target

package1.zip
Size

1.2MB
Sample

250116-tdxdrsymaq
MD5

4a66728a014fef5ad0dc27f8d21cf32e
SHA1

b93b5ea5aefb7b2a4d85d414ff7acc940325aa71
SHA256

aa86c065eb6782b94d0ed16ad51a1d042db48e0acc3b7891a205d98135d43bda
SHA512

da4eb8a78dc8f2a6e6927fe61d88260536e320434cdf5170239220a91970b8de4d3ec2347cfa7c2394a9b2bbd0a69c6022ec496e53ddc2b3df023da71e5c0959
SSDEEP

24576:727NOXwQnDeiIDaxJbC5kOQfpEDjE9Z+oJImzqLZZ8hmbnPqkxeM91Q6hQJ5oC:q7ogQ+MJbsk/EdibzkZZ97PqknhQcC

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://impresnyb.cyou/api

Targets

- Target
  
  steamerrorreporter.exe
- Size
  
  560KB
- MD5
  
  dc1681b98049f1df46dd10d7f4c26045
- SHA1
  
  4c7f5cf7c00b6139979f8aa41f46979666369224
- SHA256
  
  594f9853124e0a81deeaaecb8ec3d192169e7393778214ef6d8f6460450ef080
- SHA512
  
  c9a2086326acbab8aba801da0d8bd2aa06951ec7fd7f32a3150f9521498c0b6711552695fbf9d0de7668503630c508bcd68e1d715796ef34f9945035da3fe1ed
- SSDEEP
  
  6144:mOzBfFojwX0v4KU9DJZ10Bwr/RvTuZjOULXAO99cER0u+GIIIIIIIhIIIIIIIIIZ:mONFX0v4KU9DJZ16wr/MHVm5a0dw/D
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  tier0_s.dll
- Size
  
  341KB
- MD5
  
  884013332bf332e4dd8cbf0109a8cfeb
- SHA1
  
  c01789d661d465ca29d20174d8f5d29afb1fcffa
- SHA256
  
  8ed104f6d7a50f95d515005bf6bd5569cd2dc0107119aa3d91e21dd7ba777e98
- SHA512
  
  ea18f416b1295edcfc197c685d56030246097bf95ffffa46f13a16753d05d95a1adb83b5ba0669eaa1049856ea2486ca0fc49507df7d41572de80701e9852f64
- SSDEEP
  
  6144:DO5PGFHiJNurwiq3u6FukK7hrYmFX0A2qu7ItONk+Z1s4gDT+x5/fXckKk:K2HiVRukK7hrnFh2qos4gDTAnlx
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  vstdlib_s.dll
- Size
  
  519KB
- MD5
  
  464b80302d3e5f1a12030f2afd15e8c0
- SHA1
  
  fa4a9d98b5272f3d1110188b53264b03134f1bcd
- SHA256
  
  954ecb7e90993cf1e3d426a00512f0591a0c385d986db7b923b872289a659ed9
- SHA512
  
  03686460522be3f830142c95b86dbaa686888a1fd22dc218ef6f0a6e1b7b1f8d65444b47d909c09348c6fa003d5f000998f640524aa001d719f4381c78e004d1
- SSDEEP
  
  6144:pHSB3aD4IaQhzA12ytyjiIhGdoVnfNJ6mgVQttuZ83OmQKgR3ezzm:x2IzFAEytyjiIEoVnfz6r01yozy
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6