lumma | 644676713bdf4b81f8ec0a3a96a8f861c500a41a24a1cc4e93a3ee0c171bcba8 | Triage

Sharing

General

Target

074ca842ea52396751bb6015979f2f79.exe
Size

3.4MB
Sample

250126-red8gavkdk
MD5

074ca842ea52396751bb6015979f2f79
SHA1

11e746f0c8f9cb91b55dfbf8920e54853d2b8e2b
SHA256

644676713bdf4b81f8ec0a3a96a8f861c500a41a24a1cc4e93a3ee0c171bcba8
SHA512

993379c41abd9d6730831019aec0769268148d74a4a1699370cd2fb3f8894fe02a558991e80e7b67b247409cd819b55080eb45f1e1f8b55db62c2488bd13f91d
SSDEEP

98304:8fUbK7jkYWHLX4ntIAvQGRhXZlg4Rj9hrwq8jj6Y+NU:8fUW7gYAL46AvQGRtZqmBhsq8KYYU

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  074ca842ea52396751bb6015979f2f79.exe
- Size
  
  3.4MB
- MD5
  
  074ca842ea52396751bb6015979f2f79
- SHA1
  
  11e746f0c8f9cb91b55dfbf8920e54853d2b8e2b
- SHA256
  
  644676713bdf4b81f8ec0a3a96a8f861c500a41a24a1cc4e93a3ee0c171bcba8
- SHA512
  
  993379c41abd9d6730831019aec0769268148d74a4a1699370cd2fb3f8894fe02a558991e80e7b67b247409cd819b55080eb45f1e1f8b55db62c2488bd13f91d
- SSDEEP
  
  98304:8fUbK7jkYWHLX4ntIAvQGRhXZlg4Rj9hrwq8jj6Y+NU:8fUW7gYAL46AvQGRtZqmBhsq8KYYU
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer