lumma | e82b2d28b58228c1ba4a94d2c501175e3dfdbe5c9748b29cfb1c9f525fde953e | Triage

Sharing

General

Target

LoaderXI.exe
Size

393KB
Sample

250123-yxx7ma1qdx
MD5

44ec2dcf1eac91ed4a47731c0e6707fe
SHA1

7fe157bcb8fc0693850a144bf726e51529174a14
SHA256

e82b2d28b58228c1ba4a94d2c501175e3dfdbe5c9748b29cfb1c9f525fde953e
SHA512

c3e5cec419aaf9c0e2a46445f5c4f99f6fde0f519e2962d7244b8caacfcbfcf29fec68f38647579a22ef1191909cc500d6be44eddfc89f577e0d469b00d9df80
SSDEEP

6144:Nd1uylo7HJ7grXn9t97k8zq3K0saL0oo/kAczM2ZcIjg1iLA/nmoEs2n1MEO:n1uyq7HFe9/jAoaLSsysL2nm20MEO

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

https://suggestyuoz.biz/api

Targets

- Target
  
  LoaderXI.exe
- Size
  
  393KB
- MD5
  
  44ec2dcf1eac91ed4a47731c0e6707fe
- SHA1
  
  7fe157bcb8fc0693850a144bf726e51529174a14
- SHA256
  
  e82b2d28b58228c1ba4a94d2c501175e3dfdbe5c9748b29cfb1c9f525fde953e
- SHA512
  
  c3e5cec419aaf9c0e2a46445f5c4f99f6fde0f519e2962d7244b8caacfcbfcf29fec68f38647579a22ef1191909cc500d6be44eddfc89f577e0d469b00d9df80
- SSDEEP
  
  6144:Nd1uylo7HJ7grXn9t97k8zq3K0saL0oo/kAczM2ZcIjg1iLA/nmoEs2n1MEO:n1uyq7HFe9/jAoaLSsysL2nm20MEO
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer