lumma | 84b2ae5fc55b2394ffc16022d5dce9b11fb232f14ccedf0cde7b6af44d0c5bc9 | Triage

Sharing

General

Target

random.exe
Size

358KB
Sample

250118-vtn8rsyncz
MD5

92bf5eeea4fc551ed2d5090a3061704d
SHA1

e3d11cce21d1ecb7457f583539f5e92a54271bad
SHA256

84b2ae5fc55b2394ffc16022d5dce9b11fb232f14ccedf0cde7b6af44d0c5bc9
SHA512

47b156c503ebe5844bf712b431733f45f9e27797bb929f00293536d8c152a005638aade8a8cf386ca7fcdc1177755ca36aa46754d189daecd093009ad2a9dea6
SSDEEP

6144:TyJN9fUcPi6NViFY1mIHYH2bOVOWX74DscbbQHzm5ZO0zg8lMSKkbgbTjXx7x:2JN9JPi6a4mIG2yVlLKPb+zm5ZzOSL23

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://wordemnyauop.shop/api

Targets

- Target
  
  random.exe
- Size
  
  358KB
- MD5
  
  92bf5eeea4fc551ed2d5090a3061704d
- SHA1
  
  e3d11cce21d1ecb7457f583539f5e92a54271bad
- SHA256
  
  84b2ae5fc55b2394ffc16022d5dce9b11fb232f14ccedf0cde7b6af44d0c5bc9
- SHA512
  
  47b156c503ebe5844bf712b431733f45f9e27797bb929f00293536d8c152a005638aade8a8cf386ca7fcdc1177755ca36aa46754d189daecd093009ad2a9dea6
- SSDEEP
  
  6144:TyJN9fUcPi6NViFY1mIHYH2bOVOWX74DscbbQHzm5ZO0zg8lMSKkbgbTjXx7x:2JN9JPi6a4mIG2yVlLKPb+zm5ZzOSL23
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer