lumma | 8e7d673b86a87c1b77a481d7cf79a1c9ba1d36f5a423b3d61099a6f5edf232fc | Triage

Sharing

General

Target

wtsapi32.skinny.dll
Size

1.0MB
Sample

250123-fr83tstnby
MD5

fd3fee1a3b59f6a10ac217295b9e01e4
SHA1

be31bf358ffc070cf8e5256931e044793188cb23
SHA256

8e7d673b86a87c1b77a481d7cf79a1c9ba1d36f5a423b3d61099a6f5edf232fc
SHA512

5d18aae2b27bb48d059bafba253d441e0d347297f15fd92bc67860927a6953e538ccbf383b06cc576e3767e62b50020756a139c72164db421eaf60b3aa298683
SSDEEP

24576:bG7utVqoTZE1tZC0/K0EpZuYmsnbracgIL9Dan1lly:bGybXCHM0CpZuTsb4+ant

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://suggestyuoz.biz/api

Targets

- Target
  
  wtsapi32.skinny.dll
- Size
  
  1.0MB
- MD5
  
  fd3fee1a3b59f6a10ac217295b9e01e4
- SHA1
  
  be31bf358ffc070cf8e5256931e044793188cb23
- SHA256
  
  8e7d673b86a87c1b77a481d7cf79a1c9ba1d36f5a423b3d61099a6f5edf232fc
- SHA512
  
  5d18aae2b27bb48d059bafba253d441e0d347297f15fd92bc67860927a6953e538ccbf383b06cc576e3767e62b50020756a139c72164db421eaf60b3aa298683
- SSDEEP
  
  24576:bG7utVqoTZE1tZC0/K0EpZuYmsnbracgIL9Dan1lly:bGybXCHM0CpZuTsb4+ant
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer