lumma | 8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b

General

Target

8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b.zip
Size

17.7MB
Sample

250127-s5mszawmhr
MD5

2b5c0647b348d4be52a88a47e99d6281
SHA1

701b5af7144a9d647051197f4ffea6e2e0863573
SHA256

8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b
SHA512

6e978c8259ec8c49b64d80a5340c41766f3afc06f8e8cbee16bbb41d5e0cd08c6bddf5cc75e136874d24c4f5e0d127472c1cf260495e7109abedebd7fc84937e
SSDEEP

393216:QBVOLtoKiQMG6VsdISxWY38gCdf2fMRiR7o3Laj6pshPa/39Gr31:ZtojtCdou8z2MRiREtWPa/E31

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://snailyeductyi.sbs/api

https://ferrycheatyk.sbs/api

https://deepymouthi.sbs/api

https://wrigglesight.sbs/api

https://captaitwik.sbs/api

https://sidercotay.sbs/api

https://heroicmint.sbs/api

https://monstourtu.sbs/api

https://legislatiu.cfd/api

https://legislat/api

Targets

- Target
  
  8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b.zip
- Size
  
  17.7MB
- MD5
  
  2b5c0647b348d4be52a88a47e99d6281
- SHA1
  
  701b5af7144a9d647051197f4ffea6e2e0863573
- SHA256
  
  8ecc4c4040ee33d992e8a77d5f83fff1ad70ecd03398a54b3acc6af00bdfe62b
- SHA512
  
  6e978c8259ec8c49b64d80a5340c41766f3afc06f8e8cbee16bbb41d5e0cd08c6bddf5cc75e136874d24c4f5e0d127472c1cf260495e7109abedebd7fc84937e
- SSDEEP
  
  393216:QBVOLtoKiQMG6VsdISxWY38gCdf2fMRiR7o3Laj6pshPa/39Gr31:ZtojtCdou8z2MRiREtWPa/E31
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2