lumma | 6ac3c36bd2b04f02d5606cc0ead01ee799ef556576e114697a9f187365934b76 | Triage

Sharing

General

Target

LoaderV.zip
Size

425KB
Sample

250127-wh26xszncy
MD5

528a065c07a0b4b3854f9fac6e98ec6e
SHA1

a87e59878a003be8fddff6dcad49a448c63dd87c
SHA256

6ac3c36bd2b04f02d5606cc0ead01ee799ef556576e114697a9f187365934b76
SHA512

629a22b4056f15183c0a3a8ef69f011d074c59dc87448ce40fd1d5e9a5437e781612489e95699f12fb7c5cb87a41a5f2bc758d8133824dfaec149de949510acf
SSDEEP

12288:Y83Cc3HZTYWY9Dz14GNEkCacZCpFLz6J4I:Y8x3yW6Z47xA56Jr

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  LoaderV.exe
- Size
  
  533KB
- MD5
  
  0eb2417e9736156789f14cda37ad23a3
- SHA1
  
  440785be5dabeb7ad226da15d632616dc02a4193
- SHA256
  
  315bc3199d2aa46f94d767d13a69ff098829735380180ead1197b63118b03681
- SHA512
  
  5fc58855eb23aafe21ce5e010222d47b3c51d5f4914e61bde1d71a7ead1403afbf287e627eaf78e03d01fcc8def6de11ede3d516c754b68d5976d19a029cf081
- SSDEEP
  
  12288:Qp9ZgK/sfdXw3KdFc23S5z14+NYUCaEZCbBLzY74RiCOEO:Xwp2C5Z4VBGtY7+nOt
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer