lumma | 0513f12c182a105759497d8280f1c06800a8ff07e1d69341268f3c08ecc27c6d | Triage

Sharing

General

Target

random.exe
Size

9.8MB
Sample

250126-p5775a1rfw
MD5

db3632ef37d9e27dfa2fd76f320540ca
SHA1

f894b26a6910e1eb53b1891c651754a2b28ddd86
SHA256

0513f12c182a105759497d8280f1c06800a8ff07e1d69341268f3c08ecc27c6d
SHA512

4490b25598707577f0b1ba1f0fbe52556f752b591c433117d0f94ce386e86e101527b3d1f9982d6e097e1fcb724325fdd1837cc51d94c6b5704fd8df244648fd
SSDEEP

98304:IWlC18CzkF6kJdZi/lBMoo6Yc3A2o5APDm5:PlW1BMoOED

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  random.exe
- Size
  
  9.8MB
- MD5
  
  db3632ef37d9e27dfa2fd76f320540ca
- SHA1
  
  f894b26a6910e1eb53b1891c651754a2b28ddd86
- SHA256
  
  0513f12c182a105759497d8280f1c06800a8ff07e1d69341268f3c08ecc27c6d
- SHA512
  
  4490b25598707577f0b1ba1f0fbe52556f752b591c433117d0f94ce386e86e101527b3d1f9982d6e097e1fcb724325fdd1837cc51d94c6b5704fd8df244648fd
- SSDEEP
  
  98304:IWlC18CzkF6kJdZi/lBMoo6Yc3A2o5APDm5:PlW1BMoOED
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer