lumma | 210c6633c42bd185d92ad882a8cd836e9a266c672e4409b2edb74453fa96b60d | Triage

Sharing

General

Target

k2sMp1u.exe
Size

503KB
Sample

250123-wycafaznan
MD5

8479e460fc8a0284d9af6e699a07e2c4
SHA1

bd6a2177d050c97afe50dfb53c50f5103c875939
SHA256

210c6633c42bd185d92ad882a8cd836e9a266c672e4409b2edb74453fa96b60d
SHA512

5f41fecf65f6b36edfa285b0fd3c9ccd2e08f2520ce35d5aa14dfe2e67ffd6fabb9e776130bd4362ffe3bbb22b986614f536813e06eda9c2298bfd0b80dd531d
SSDEEP

12288:akN2r7eiIWbEnBnX/3PDxfw1pRlBB3mLDyyghJ:akN2veieX//D0j3OD5mJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://suggestyuoz.biz/api

https://toppyneedus.biz/api

Targets

- Target
  
  k2sMp1u.exe
- Size
  
  503KB
- MD5
  
  8479e460fc8a0284d9af6e699a07e2c4
- SHA1
  
  bd6a2177d050c97afe50dfb53c50f5103c875939
- SHA256
  
  210c6633c42bd185d92ad882a8cd836e9a266c672e4409b2edb74453fa96b60d
- SHA512
  
  5f41fecf65f6b36edfa285b0fd3c9ccd2e08f2520ce35d5aa14dfe2e67ffd6fabb9e776130bd4362ffe3bbb22b986614f536813e06eda9c2298bfd0b80dd531d
- SSDEEP
  
  12288:akN2r7eiIWbEnBnX/3PDxfw1pRlBB3mLDyyghJ:akN2veieX//D0j3OD5mJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer