lumma | bfde542a99cb55e9d1d45f3e31b332f14c725d12f33971bf2446574826f33741 | Triage

Sharing

General

Target

script.exe
Size

404KB
Sample

250124-t2mt8sxlfw
MD5

bc53656f693c8e0234b85a8c6e2cd28a
SHA1

8401ff83f6b2adb1b4d830dee6f7fd2c09aa8ee5
SHA256

bfde542a99cb55e9d1d45f3e31b332f14c725d12f33971bf2446574826f33741
SHA512

4566497bf83ebec823a4c14a5a3f59d13040673892b32e36ff9ad6bf2a62412db22e810598ed07b0cca9147e0203e92bb3b1fdd7aac356dcd8e2cca3728cdedd
SSDEEP

12288:bFbzyONf/S6m3nRo0MH7+D4aHtEdsLvvcMKK:pTHyRoFlaNWK

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  script.exe
- Size
  
  404KB
- MD5
  
  bc53656f693c8e0234b85a8c6e2cd28a
- SHA1
  
  8401ff83f6b2adb1b4d830dee6f7fd2c09aa8ee5
- SHA256
  
  bfde542a99cb55e9d1d45f3e31b332f14c725d12f33971bf2446574826f33741
- SHA512
  
  4566497bf83ebec823a4c14a5a3f59d13040673892b32e36ff9ad6bf2a62412db22e810598ed07b0cca9147e0203e92bb3b1fdd7aac356dcd8e2cca3728cdedd
- SSDEEP
  
  12288:bFbzyONf/S6m3nRo0MH7+D4aHtEdsLvvcMKK:pTHyRoFlaNWK
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer

behavioral3

lummadiscoverystealer

behavioral4