lumma | 5629e93fd6395c1aa1c3a020e981908b94cfc98a7c17d6c764b91fcb67730f83 | Triage

Sharing

General

Target

InstallerX.exe
Size

406KB
Sample

250127-nd6pjsxjbr
MD5

e43845f8c91ae232e16f0d32614d1e41
SHA1

a14a8131f735049f002e6d99e936bee3bb502d98
SHA256

5629e93fd6395c1aa1c3a020e981908b94cfc98a7c17d6c764b91fcb67730f83
SHA512

103bc2095c71a67613fa7b69c6b62da1d8d89848b1ad6443168c5cd2e375e0204b67794080297835b75f986423c092a0d1fd0e91c705b28926a197a33c3d584c
SSDEEP

12288:eg5h83S5z14+NYUCaEZCbBLzY7TRiCOEO:eg5iC5Z4VBGtY7FnOt

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  InstallerX.exe
- Size
  
  406KB
- MD5
  
  e43845f8c91ae232e16f0d32614d1e41
- SHA1
  
  a14a8131f735049f002e6d99e936bee3bb502d98
- SHA256
  
  5629e93fd6395c1aa1c3a020e981908b94cfc98a7c17d6c764b91fcb67730f83
- SHA512
  
  103bc2095c71a67613fa7b69c6b62da1d8d89848b1ad6443168c5cd2e375e0204b67794080297835b75f986423c092a0d1fd0e91c705b28926a197a33c3d584c
- SSDEEP
  
  12288:eg5h83S5z14+NYUCaEZCbBLzY7TRiCOEO:eg5iC5Z4VBGtY7FnOt
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer