lumma | f361f433a4712ad54e806133334f62de0baa776da7a6a3548db077c4e6808e6e | Triage

Sharing

General

Target

f361f433a4712ad54e806133334f62de0baa776da7a6a3548db077c4e6808e6e.exe
Size

493KB
Sample

250127-fh8eyatjgr
MD5

7665e12873e7954d1934f9fb5b44b404
SHA1

dde259cf50ce63395a0c4e786c853bff6a381841
SHA256

f361f433a4712ad54e806133334f62de0baa776da7a6a3548db077c4e6808e6e
SHA512

f3ee707328568992857d838257f0f1f63edef6aa7762d59085ad47cf691ecfbca0c1413da25a06f86d72f8671e2879c7a090ade02029dd1cc0e14f21007e9bf1
SSDEEP

12288:aL02PC/hl6XALf/2THXzYnHu9DI5DPibvBghJ:aI2P8h84qYHi6oBghJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  f361f433a4712ad54e806133334f62de0baa776da7a6a3548db077c4e6808e6e.exe
- Size
  
  493KB
- MD5
  
  7665e12873e7954d1934f9fb5b44b404
- SHA1
  
  dde259cf50ce63395a0c4e786c853bff6a381841
- SHA256
  
  f361f433a4712ad54e806133334f62de0baa776da7a6a3548db077c4e6808e6e
- SHA512
  
  f3ee707328568992857d838257f0f1f63edef6aa7762d59085ad47cf691ecfbca0c1413da25a06f86d72f8671e2879c7a090ade02029dd1cc0e14f21007e9bf1
- SSDEEP
  
  12288:aL02PC/hl6XALf/2THXzYnHu9DI5DPibvBghJ:aI2P8h84qYHi6oBghJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer