lumma | 4d876aac0df8375b148477feeed27a694f27a1bc8c6696cbd6ea961aef83305c | Triage

Resubmissions

24-01-2025 18:24

250124-w12m4ssran 10

24-01-2025 18:22

250124-wz3h1ssqfk 3

Sharing

General

Target

f170f34825d857e3f0bac835dd2385d074aa8f1b7fd1887fb26e847059179dad.zip
Size

375KB
Sample

250124-w12m4ssran
MD5

288ec261ae0445f76957a499f69c0ac5
SHA1

6408e5521d53da1921f8b8b1e51088a8944c37dd
SHA256

4d876aac0df8375b148477feeed27a694f27a1bc8c6696cbd6ea961aef83305c
SHA512

975a48cf94bf32f131fb6c1e770a168f2d178279c7710aa786d820c3a73b8f951de1ece464cff000af319966be04fda23d6de309e38c439608aec8484d21aa65
SSDEEP

6144:17W7KoJS2PPpGq8SVRqzjyHNQ+tIVleSsHNM2KNpFuqNVJVeiY+xZad7JhY+GSvo:VW5Y2PQq8S/r2oIeSEa2muwVzFG9J2gg

Score

10^/10

lumma vidar discovery stealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/sc1phell

https://steamcommunity.com/profiles/76561199819539662

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Extracted

Family

lumma

C2

https://winnyhelplejsu.shop/api

Targets

- Target
  
  f170f34825d857e3f0bac835dd2385d074aa8f1b7fd1887fb26e847059179dad
- Size
  
  975KB
- MD5
  
  9cde35700dfe9eb8d7cd5a245c885fea
- SHA1
  
  dd7f90313fdc11981b85b701c4c2935cb8d0b392
- SHA256
  
  f170f34825d857e3f0bac835dd2385d074aa8f1b7fd1887fb26e847059179dad
- SHA512
  
  86f425c785905108676427bed397d8ddafb51bbb1fe1e36fce022e6aaea050227c0ed992eea559ac68954ae7014709d22fa406d9a38c86b62e43ca985a69c77c
- SSDEEP
  
  6144:jfkvdAoVGhIIcnSXX04aVhg0SEAAVl/YpKYM463rgqq/tipAxCT:ovd1ghIfnSXE4aWEllgpPJ6b+1s
Score

10^/10

discovery lumma vidar stealer
- Detect Vidar Stealer
  stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummavidardiscoverystealer