lumma | df5f9d36a731e6dd23c036dc365fe852e2f5ceb865dba753950351b922a03590 | Triage

Sharing

General

Target

Loader.exe
Size

30.4MB
Sample

250126-a1p4eswjdt
MD5

4c9a5353c4d128e5c91f62594541c809
SHA1

4693f7c7a7cb2271a0e586bd6ab9b3e99f1bd078
SHA256

df5f9d36a731e6dd23c036dc365fe852e2f5ceb865dba753950351b922a03590
SHA512

c1fdae552c7c8b497ee82779b05c08db6946565b620cd9c5deb7b521babd3012398cc3e0e0878aa51c0eb4bc1f5b6f6339eed0754a4f8def161b63d11687bbe0
SSDEEP

6144:bWAoFwzNQONDkBahgVWmoPZXOZNcb9s2Gxvh+U0rZOOzqPdYH211IpBB++53XwF5:bFbzyOND0ToEUbOn4UQXzqd9IpBB1u7

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  Loader.exe
- Size
  
  30.4MB
- MD5
  
  4c9a5353c4d128e5c91f62594541c809
- SHA1
  
  4693f7c7a7cb2271a0e586bd6ab9b3e99f1bd078
- SHA256
  
  df5f9d36a731e6dd23c036dc365fe852e2f5ceb865dba753950351b922a03590
- SHA512
  
  c1fdae552c7c8b497ee82779b05c08db6946565b620cd9c5deb7b521babd3012398cc3e0e0878aa51c0eb4bc1f5b6f6339eed0754a4f8def161b63d11687bbe0
- SSDEEP
  
  6144:bWAoFwzNQONDkBahgVWmoPZXOZNcb9s2Gxvh+U0rZOOzqPdYH211IpBB++53XwF5:bFbzyOND0ToEUbOn4UQXzqd9IpBB1u7
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer