lumma | 298dce529d78ae6cbf6f81d6cd751941adfcbe2e0014cb69bfef342ada4cf72d

General

Target

298dce529d78ae6cbf6f81d6cd751941adfcbe2e0014cb69bfef342ada4cf72d.exe
Size

617KB
Sample

250124-h7139swqhs
MD5

db92b18ae534adc4eebc93ceee82f2bc
SHA1

a5fcb768db7697a725c7a841c799c2bf29c0cdf0
SHA256

298dce529d78ae6cbf6f81d6cd751941adfcbe2e0014cb69bfef342ada4cf72d
SHA512

ba2422d2b988c7099deb952ddd4ccef5bafe53377579b4607d53b3304a4415162eb72d106eadeb9e69bd46d59a7510d25f8265e97e546e660f4a52f4c8e46dd3
SSDEEP

12288:ZD0V62PnMV4gqbmL/iA3KDs/ilBruH7CA:ZD12vMgmLqzA/iSH7j

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://rapeflowwj.lat/api

https://crosshuaht.lat/api

https://sustainskelet.lat/api

https://aspecteirs.lat/api

https://energyaffai.lat/api

https://necklacebudi.lat/api

https://discokeyus.lat/api

https://grannyejh.lat/api

https://spellshagey.biz/api

Targets

- Target
  
  298dce529d78ae6cbf6f81d6cd751941adfcbe2e0014cb69bfef342ada4cf72d.exe
- Size
  
  617KB
- MD5
  
  db92b18ae534adc4eebc93ceee82f2bc
- SHA1
  
  a5fcb768db7697a725c7a841c799c2bf29c0cdf0
- SHA256
  
  298dce529d78ae6cbf6f81d6cd751941adfcbe2e0014cb69bfef342ada4cf72d
- SHA512
  
  ba2422d2b988c7099deb952ddd4ccef5bafe53377579b4607d53b3304a4415162eb72d106eadeb9e69bd46d59a7510d25f8265e97e546e660f4a52f4c8e46dd3
- SSDEEP
  
  12288:ZD0V62PnMV4gqbmL/iA3KDs/ilBruH7CA:ZD12vMgmLqzA/iSH7j
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2