lumma | cb34abebfc7b5a1d7368598e649ec185a7a55516a2cc4856af7bd71a2df737e6 | Triage

Sharing

General

Target

2025-01-18_c2fa90a7b29662af1888aa736a5da9f0_frostygoop_poet-rat_snatch
Size

20.9MB
Sample

250118-lc4sfszngr
MD5

c2fa90a7b29662af1888aa736a5da9f0
SHA1

d00b52d73f78b7a3e74dcb23b5d4315a2cff3174
SHA256

cb34abebfc7b5a1d7368598e649ec185a7a55516a2cc4856af7bd71a2df737e6
SHA512

2a97b1328c102bf9fa436939a7aa601fd952147120243f38522bf81e48063d4cd6364b28a7a284da5713bb58b0244d542863e66ce69dd853a058d697d3f2bd15
SSDEEP

98304:qwM40wXYLjljlFfBlZmpTXkePxRYnFN6ru04lorWsE70n:b5uxlJBaTXkePb6K3mJwn

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://joinresperct.shop/api

Targets

- Target
  
  2025-01-18_c2fa90a7b29662af1888aa736a5da9f0_frostygoop_poet-rat_snatch
- Size
  
  20.9MB
- MD5
  
  c2fa90a7b29662af1888aa736a5da9f0
- SHA1
  
  d00b52d73f78b7a3e74dcb23b5d4315a2cff3174
- SHA256
  
  cb34abebfc7b5a1d7368598e649ec185a7a55516a2cc4856af7bd71a2df737e6
- SHA512
  
  2a97b1328c102bf9fa436939a7aa601fd952147120243f38522bf81e48063d4cd6364b28a7a284da5713bb58b0244d542863e66ce69dd853a058d697d3f2bd15
- SSDEEP
  
  98304:qwM40wXYLjljlFfBlZmpTXkePxRYnFN6ru04lorWsE70n:b5uxlJBaTXkePb6K3mJwn
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer