lumma | 9b8151b4cef995450efd24cc7c893655c75a21e319c8ec7aabfa2158eff9cc69 | Triage

Sharing

General

Target

Aura.zip
Size

55.6MB
Sample

250123-whze2azjbm
MD5

e8afd5bbcce7341a4b5230c85552af04
SHA1

59dff54e0c80ac23841147b425e18f4ada4140da
SHA256

9b8151b4cef995450efd24cc7c893655c75a21e319c8ec7aabfa2158eff9cc69
SHA512

d34c8b183f20b4e6a0a0f9037918d2b6dbe28be85f1b3af0d516c9baeee87fb391240631cd03e99c9f5d77322d690e129224810b109cfd04e22938cbc967095c
SSDEEP

1572864:DujlHtq+7tS+4mJ5G6sbRTueZ6IcmLZV4:0htqGP5G6sdQIcmFO

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

https://suggestyuoz.biz/api

Targets

- Target
  
  Aura/Aura.exe
- Size
  
  404KB
- MD5
  
  506a4835ab7625ea0ff913b3d95d347a
- SHA1
  
  45c2d181da28afdd7e216efcd9a1659feaf4913e
- SHA256
  
  32f67406aa2fbcfff60e9f8b9aca6d1e27be306901ac6078df0ed3c3516582d8
- SHA512
  
  79f59ec0df8d6a37bac31b23687e38b7e791b037df37cd3016c8d3585b6bdd2768552cf3ac3f70dda5911e0ab80c8d630bb4f23497fa2dfe6c6ae454283b26fb
- SSDEEP
  
  12288:l1nhH51gsmIu0Wxwsq1OL7kmLTexPGtzEO:7hHUymworexPkzt
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer