lumma | 7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef | Triage

Sharing

General

Target

7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef.exe
Size

361KB
Sample

250120-e4c1gs1pfq
MD5

09d639a4e99b01083f01d764a176d4aa
SHA1

fc302323c1746ade189a87496abeda6aa0fbc6df
SHA256

7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef
SHA512

87b54679e9029a7f4f70468453b4061069338956a7e3b2d2286ef9a06df3a737688f65d1c9005f950189f13d9535ab03caad684960f95233506fda4cca662872
SSDEEP

6144:nr8Ui1ZEk6/0XakBFbrDIiLZm20HfmcMluCBGGb/LXaEIEdR1bmoPNGD1hskQ:n9iZEk6MjBFHb8l+4Q1IEP1moVGDYJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://avoidspaderik.shop/api

Targets

- Target
  
  7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef.exe
- Size
  
  361KB
- MD5
  
  09d639a4e99b01083f01d764a176d4aa
- SHA1
  
  fc302323c1746ade189a87496abeda6aa0fbc6df
- SHA256
  
  7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef
- SHA512
  
  87b54679e9029a7f4f70468453b4061069338956a7e3b2d2286ef9a06df3a737688f65d1c9005f950189f13d9535ab03caad684960f95233506fda4cca662872
- SSDEEP
  
  6144:nr8Ui1ZEk6/0XakBFbrDIiLZm20HfmcMluCBGGb/LXaEIEdR1bmoPNGD1hskQ:n9iZEk6MjBFHb8l+4Q1IEP1moVGDYJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer