lumma | 038ecb50999a845cbb3d392a707e05202eadbec481090498fbad6f9b4c2da609 | Triage

Sharing

General

Target

Setup.exe
Size

508KB
Sample

250123-shgy7stla1
MD5

63ea7aa21ff14285d463cd8b7060667e
SHA1

c12c3339dac8b9f681a31707ddb94571f30a9828
SHA256

038ecb50999a845cbb3d392a707e05202eadbec481090498fbad6f9b4c2da609
SHA512

ed0c94e96ccec3ff7ce72ae0d84a41a528ef83922e83839637b2d74c7f71749f6803ad82bebbca3bbd205bed6f398616cc97b3dfce46645ba808120e4136b5c2
SSDEEP

6144:XnhIntJlFMyH6AN+L61NqLs49cLR+Pv0q70squUAU7jKWgIp+UyEeRRxYZBQ3kQ:oO86ABrqQ49YW0DsHUHd7yHUcJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

https://suggestyuoz.biz/api

Targets

- Target
  
  Setup.exe
- Size
  
  508KB
- MD5
  
  63ea7aa21ff14285d463cd8b7060667e
- SHA1
  
  c12c3339dac8b9f681a31707ddb94571f30a9828
- SHA256
  
  038ecb50999a845cbb3d392a707e05202eadbec481090498fbad6f9b4c2da609
- SHA512
  
  ed0c94e96ccec3ff7ce72ae0d84a41a528ef83922e83839637b2d74c7f71749f6803ad82bebbca3bbd205bed6f398616cc97b3dfce46645ba808120e4136b5c2
- SSDEEP
  
  6144:XnhIntJlFMyH6AN+L61NqLs49cLR+Pv0q70squUAU7jKWgIp+UyEeRRxYZBQ3kQ:oO86ABrqQ49YW0DsHUHd7yHUcJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer