lumma | fb3cf1aefe56b1aa9a819fd32cc6d9a25d3be51b5479de8d1736079cb081603a | Triage

Sharing

General

Target

2025-01-25_fcd46ef7868b47201f2b33312b755cbb_frostygoop_poet-rat_snatch
Size

10.3MB
Sample

250125-tz2wdasncm
MD5

fcd46ef7868b47201f2b33312b755cbb
SHA1

cf8e997a715d576a0184c68a9eee788065a1af58
SHA256

fb3cf1aefe56b1aa9a819fd32cc6d9a25d3be51b5479de8d1736079cb081603a
SHA512

3828631f4e0b988d4e13d8b768eb26aa6b3024e601bed37814adca6d12922838445bf845036eafe23dd2a3335d8da8091e27e0912792b856b43818e65cf08048
SSDEEP

98304:rqmiMOktmMNSBFFTUXM14w4R/0E0UTDvkXYKHAGuo1X+zYIwXhToqTxO3sBHvd:mmYjF11SBvOxO8BF

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://kitestarepatt.click/api

https://toppyneedus.biz/api

Targets

- Target
  
  2025-01-25_fcd46ef7868b47201f2b33312b755cbb_frostygoop_poet-rat_snatch
- Size
  
  10.3MB
- MD5
  
  fcd46ef7868b47201f2b33312b755cbb
- SHA1
  
  cf8e997a715d576a0184c68a9eee788065a1af58
- SHA256
  
  fb3cf1aefe56b1aa9a819fd32cc6d9a25d3be51b5479de8d1736079cb081603a
- SHA512
  
  3828631f4e0b988d4e13d8b768eb26aa6b3024e601bed37814adca6d12922838445bf845036eafe23dd2a3335d8da8091e27e0912792b856b43818e65cf08048
- SSDEEP
  
  98304:rqmiMOktmMNSBFFTUXM14w4R/0E0UTDvkXYKHAGuo1X+zYIwXhToqTxO3sBHvd:mmYjF11SBvOxO8BF
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer