lumma | fb6307a7360cd5c6d7bee0ac0a6cb7898f8b61a19d2beb48634d6df9ecdc82aa | Triage

Sharing

General

Target

Qt5Core.dll
Size

4.0MB
Sample

250120-tta6gaxrgn
MD5

650a430d47df30c3d2b90a3b921382be
SHA1

262e7f0c547c47c18e809cf9a65916938e4a2a0f
SHA256

fb6307a7360cd5c6d7bee0ac0a6cb7898f8b61a19d2beb48634d6df9ecdc82aa
SHA512

03e70329ed404ebacceaed7e0cf3977927137e7089356842a69a84e7ba3128494069e3566cf89f09122e915f7f6e866be7179a1df58ded709edd0926e21eb1f2
SSDEEP

49152:5bRW57eZvQP1cy3mWGP0UFEICGojIVn4nLG7GESlx1nwS6sVlErS4cxqfd:rUpO7RFSxqf

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://handlequarte.shop/api

Targets

- Target
  
  Qt5Core.dll
- Size
  
  4.0MB
- MD5
  
  650a430d47df30c3d2b90a3b921382be
- SHA1
  
  262e7f0c547c47c18e809cf9a65916938e4a2a0f
- SHA256
  
  fb6307a7360cd5c6d7bee0ac0a6cb7898f8b61a19d2beb48634d6df9ecdc82aa
- SHA512
  
  03e70329ed404ebacceaed7e0cf3977927137e7089356842a69a84e7ba3128494069e3566cf89f09122e915f7f6e866be7179a1df58ded709edd0926e21eb1f2
- SSDEEP
  
  49152:5bRW57eZvQP1cy3mWGP0UFEICGojIVn4nLG7GESlx1nwS6sVlErS4cxqfd:rUpO7RFSxqf
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer