lumma | 043fdfe5e6b0c592331d5ef5a3a003c0eb05009137072cfc6ed6182d05f56768 | Triage

Sharing

General

Target

043fdfe5e6b0c592331d5ef5a3a003c0eb05009137072cfc6ed6182d05f56768.exe
Size

5.4MB
Sample

250120-cflxdawmhk
MD5

09fde57aa466ecc531b93d616ba6a6cd
SHA1

ff9e3df7cce6b4201a08f12a59c62f2b8b11ab8a
SHA256

043fdfe5e6b0c592331d5ef5a3a003c0eb05009137072cfc6ed6182d05f56768
SHA512

a391a024ed6a1a5a0dd2cdd0f022300935b42f67422b6ee8efe7b0727a1a7ac4296478824a84fc12bfef368eb73fd3112fab66d70fea3e5a2133fe6cb7dbb3b6
SSDEEP

49152:0ZpikprLA5tOC2qst6lPcYRB1NSw6BQgcS1TFqvDK/ZUXTgrPnLaeXTEV/APERjm:073aqsstUPv1e1TsK/ZUXr

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://jokeprvffat.cyou/api

Targets

- Target
  
  043fdfe5e6b0c592331d5ef5a3a003c0eb05009137072cfc6ed6182d05f56768.exe
- Size
  
  5.4MB
- MD5
  
  09fde57aa466ecc531b93d616ba6a6cd
- SHA1
  
  ff9e3df7cce6b4201a08f12a59c62f2b8b11ab8a
- SHA256
  
  043fdfe5e6b0c592331d5ef5a3a003c0eb05009137072cfc6ed6182d05f56768
- SHA512
  
  a391a024ed6a1a5a0dd2cdd0f022300935b42f67422b6ee8efe7b0727a1a7ac4296478824a84fc12bfef368eb73fd3112fab66d70fea3e5a2133fe6cb7dbb3b6
- SSDEEP
  
  49152:0ZpikprLA5tOC2qst6lPcYRB1NSw6BQgcS1TFqvDK/ZUXTgrPnLaeXTEV/APERjm:073aqsstUPv1e1TsK/ZUXr
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer