lumma | eac1356f75982854c1cc2884b5dd915e6634399788ff1087705660e1f62c13b1 | Triage

Sharing

General

Target

eac1356f75982854c1cc2884b5dd915e6634399788ff1087705660e1f62c13b1N.exe
Size

297KB
Sample

250122-g2nejssmbv
MD5

4aa1245eb05e1ed4e2fe48c0b1c659b0
SHA1

29292e2adce8bd2fc74683404b3220a6b0ff00c2
SHA256

eac1356f75982854c1cc2884b5dd915e6634399788ff1087705660e1f62c13b1
SHA512

47c3243256de887b03192d7dee8abf9af2653b5d3e8c558cd7c5121ff81ae8c16a1db1ee18ee8f412a8d603422ef4a43a14f1c265d143da956b010c41f801404
SSDEEP

6144:7B/ahvK/V83jY4VAfv8HJHOzA2xcsA7VzktJpC6:4hEV83VAfv8HbkcsAhItJh

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://boilyroose.shop/api

Targets

- Target
  
  eac1356f75982854c1cc2884b5dd915e6634399788ff1087705660e1f62c13b1N.exe
- Size
  
  297KB
- MD5
  
  4aa1245eb05e1ed4e2fe48c0b1c659b0
- SHA1
  
  29292e2adce8bd2fc74683404b3220a6b0ff00c2
- SHA256
  
  eac1356f75982854c1cc2884b5dd915e6634399788ff1087705660e1f62c13b1
- SHA512
  
  47c3243256de887b03192d7dee8abf9af2653b5d3e8c558cd7c5121ff81ae8c16a1db1ee18ee8f412a8d603422ef4a43a14f1c265d143da956b010c41f801404
- SSDEEP
  
  6144:7B/ahvK/V83jY4VAfv8HJHOzA2xcsA7VzktJpC6:4hEV83VAfv8HbkcsAhItJh
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer