lumma | d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30 | Triage

Sharing

General

Target

d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30.exe
Size

5.4MB
Sample

250118-fmskaatmb1
MD5

6e3dc1be717861da3cd7c57e8a1e3911
SHA1

767e39aa9f02592d4234f38a21ea9a0e5aa66c62
SHA256

d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30
SHA512

da91742e1494c027616e114e42d3333d61eda91379f6ad2ba415dc39e0b5165a25498d60537b3cb12a49267c306dfbec87d3af528e27abc9946cd5fda6b129c1
SSDEEP

98304:UK/ZoaSs+bgcPlK+rSN2xeELJ4g1x3+FbdYapMDrEPxiJVwJyHLcnP6WfwCA+D://uVs+bH9K+OGeIBSHqDIPI7WOLyyWfF

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30.exe
- Size
  
  5.4MB
- MD5
  
  6e3dc1be717861da3cd7c57e8a1e3911
- SHA1
  
  767e39aa9f02592d4234f38a21ea9a0e5aa66c62
- SHA256
  
  d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30
- SHA512
  
  da91742e1494c027616e114e42d3333d61eda91379f6ad2ba415dc39e0b5165a25498d60537b3cb12a49267c306dfbec87d3af528e27abc9946cd5fda6b129c1
- SSDEEP
  
  98304:UK/ZoaSs+bgcPlK+rSN2xeELJ4g1x3+FbdYapMDrEPxiJVwJyHLcnP6WfwCA+D://uVs+bH9K+OGeIBSHqDIPI7WOLyyWfF
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer