lumma | c168dacd7da92cc12194e02becaf9b51aa43f835a450db1accb0c24eafaea10f

General

Target

c168dacd7da92cc12194e02becaf9b51aa43f835a450db1accb0c24eafaea10f.exe
Size

10.5MB
Sample

250118-nfad5asnhl
MD5

c15b5a4acadf4a59740b40cdb461a192
SHA1

030122f597c9aaa95b1b849f0a2442bb0a2385bf
SHA256

c168dacd7da92cc12194e02becaf9b51aa43f835a450db1accb0c24eafaea10f
SHA512

35eeed77c2c5b2650c10d4c0f36ea0cfb652c02f897b44bf7e5a3e7046f5ea9f9da7b613fd5caeaa2470e35e336110114701b149978cfba89cd9a83a42398c9d
SSDEEP

196608:MzFsg6BXP4XAGFyxL/jBn1nG5lNniIbZg4TYc1vR31A4zur5MOjjDDTTVp2w/cre:MzFgWcbdebPH1AJp2w/HSk

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://servicedny.site/api

https://authorisev.site/api

https://faulteyotk.site/api

https://dilemmadu.site/api

https://contemteny.site/api

https://goalyfeastz.site/api

https://opposezmny.site/api

https://seallysl.site/api

https://dominatez.cyou/api

Targets

- Target
  
  c168dacd7da92cc12194e02becaf9b51aa43f835a450db1accb0c24eafaea10f.exe
- Size
  
  10.5MB
- MD5
  
  c15b5a4acadf4a59740b40cdb461a192
- SHA1
  
  030122f597c9aaa95b1b849f0a2442bb0a2385bf
- SHA256
  
  c168dacd7da92cc12194e02becaf9b51aa43f835a450db1accb0c24eafaea10f
- SHA512
  
  35eeed77c2c5b2650c10d4c0f36ea0cfb652c02f897b44bf7e5a3e7046f5ea9f9da7b613fd5caeaa2470e35e336110114701b149978cfba89cd9a83a42398c9d
- SSDEEP
  
  196608:MzFsg6BXP4XAGFyxL/jBn1nG5lNniIbZg4TYc1vR31A4zur5MOjjDDTTVp2w/cre:MzFgWcbdebPH1AJp2w/HSk
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2