lumma | d5974d84e69e776ea867da477864c52ef398bdaf83be9a0a5fff28413f878b46 | Triage

Sharing

General

Target

7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef.zip
Size

343KB
Sample

250120-fneptasphk
MD5

d61e7fb2a18c0b75b563af2dda0b2956
SHA1

1da049b8a93b13204c35773b7f1b9ba6c08f08bc
SHA256

d5974d84e69e776ea867da477864c52ef398bdaf83be9a0a5fff28413f878b46
SHA512

2187db49555d2e9be4e5471197f7c2fbf0ac09f66db65621cc91cc87d760478e967863b26715d3e551833ff2ed493e4d7ec5eb7353fbee44efede2a72babaaac
SSDEEP

6144:oltM4ndNCWOdO2Zif7FUxxT558iaa0WPSKkBgVvkaiE1i/744v:o35njO2DFUxRpkoSKkDPEQzD

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://avoidspaderik.shop/api

Targets

- Target
  
  7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef.exe
- Size
  
  361KB
- MD5
  
  09d639a4e99b01083f01d764a176d4aa
- SHA1
  
  fc302323c1746ade189a87496abeda6aa0fbc6df
- SHA256
  
  7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef
- SHA512
  
  87b54679e9029a7f4f70468453b4061069338956a7e3b2d2286ef9a06df3a737688f65d1c9005f950189f13d9535ab03caad684960f95233506fda4cca662872
- SSDEEP
  
  6144:nr8Ui1ZEk6/0XakBFbrDIiLZm20HfmcMluCBGGb/LXaEIEdR1bmoPNGD1hskQ:n9iZEk6MjBFHb8l+4Q1IEP1moVGDYJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer