lumma | e7052b23049ebe573a28ab3027d17cd358807b821857815c7d3fb82b1c1f06d7 | Triage

Sharing

General

Target

random.exe
Size

500KB
Sample

250123-xalpmszrdj
MD5

a98e4efe9cff28f674615357d9affa29
SHA1

44194a83cd83640a24da68a6eaabde34701c4cea
SHA256

e7052b23049ebe573a28ab3027d17cd358807b821857815c7d3fb82b1c1f06d7
SHA512

f14bad8624c26fe09b5bfc2127f5e351f2575a649766374b860c46e8ce3103c5f645ffaa5dfb14d4f3d06f08361c6ceeb318a56df6d6f86be2c65c1597ff9e07
SSDEEP

6144:vnhInjRpR6OxlCzJSq52o9u0W7sPMiM3wA5JONYkDPYMMMyqJiIkQ:gRSOm1f52iW7sFRAUYcMMhVJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

https://suggestyuoz.biz/api

Targets

- Target
  
  random.exe
- Size
  
  500KB
- MD5
  
  a98e4efe9cff28f674615357d9affa29
- SHA1
  
  44194a83cd83640a24da68a6eaabde34701c4cea
- SHA256
  
  e7052b23049ebe573a28ab3027d17cd358807b821857815c7d3fb82b1c1f06d7
- SHA512
  
  f14bad8624c26fe09b5bfc2127f5e351f2575a649766374b860c46e8ce3103c5f645ffaa5dfb14d4f3d06f08361c6ceeb318a56df6d6f86be2c65c1597ff9e07
- SSDEEP
  
  6144:vnhInjRpR6OxlCzJSq52o9u0W7sPMiM3wA5JONYkDPYMMMyqJiIkQ:gRSOm1f52iW7sFRAUYcMMhVJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer