lumma | 938618636b95c7957f0a74e94b9bce4b91ad625a2ebcc027ebae860bfa225ddc | Triage

Sharing

General

Target

2025-01-18_7dddf41ee5296b8deeaffdc6e4ca9f16_frostygoop_poet-rat_snatch
Size

6.8MB
Sample

250118-dbtl4a1mgn
MD5

7dddf41ee5296b8deeaffdc6e4ca9f16
SHA1

44f48d37fe11a04e0f55340c9c0ca716024b141e
SHA256

938618636b95c7957f0a74e94b9bce4b91ad625a2ebcc027ebae860bfa225ddc
SHA512

7d85495d909b5a4bf5401871c15ecc7ef9d4ace28abf8f1366f16d0f92cbd2d01eb326e29b50459a0ea82a3c5d32bb046ed53d44c2cc810be57da0a9ffc824fb
SSDEEP

98304:H67hUaqx/ky93Y45sr2NlwQBVqd7eFHgGfx/2xdx6v2:a7upY4BlF/qd7eFALxdv

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://wordemnyauop.shop/api

Targets

- Target
  
  2025-01-18_7dddf41ee5296b8deeaffdc6e4ca9f16_frostygoop_poet-rat_snatch
- Size
  
  6.8MB
- MD5
  
  7dddf41ee5296b8deeaffdc6e4ca9f16
- SHA1
  
  44f48d37fe11a04e0f55340c9c0ca716024b141e
- SHA256
  
  938618636b95c7957f0a74e94b9bce4b91ad625a2ebcc027ebae860bfa225ddc
- SHA512
  
  7d85495d909b5a4bf5401871c15ecc7ef9d4ace28abf8f1366f16d0f92cbd2d01eb326e29b50459a0ea82a3c5d32bb046ed53d44c2cc810be57da0a9ffc824fb
- SSDEEP
  
  98304:H67hUaqx/ky93Y45sr2NlwQBVqd7eFHgGfx/2xdx6v2:a7upY4BlF/qd7eFALxdv
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer