lumma | 66783308c83d8ff280690e87cb5174fc77c32a67d7bc495a1f110801e31eb62e | Triage

Resubmissions

29/01/2025, 22:50

250129-2smf4s1rgw 10

29/01/2025, 22:49

250129-2r1bkszrdr 1

Sharing

General

Target

Nexol.rar
Size

2.5MB
Sample

250129-2smf4s1rgw
MD5

675f94f0e548e8c969839f1cee305b07
SHA1

78017d677986fc72f9f436eaaf59252eb29f913f
SHA256

66783308c83d8ff280690e87cb5174fc77c32a67d7bc495a1f110801e31eb62e
SHA512

c0c74cd6fb0098ccfce8a9a8475a3cde4149b1b7c209c1930f703836e42003b2b32cf9bfbee728baa548005ec5f511a0ec8b694a25b8cf220de51e1827ca0fac
SSDEEP

49152:9Q5VzHGMl6lT/4sLOLB6SwegEQ2K9Qp+2Wm1/lgI8gXje2:e5VzmNh4sqt6SwegEQ2KeZZ9SEF

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  Nexol.rar
- Size
  
  2.5MB
- MD5
  
  675f94f0e548e8c969839f1cee305b07
- SHA1
  
  78017d677986fc72f9f436eaaf59252eb29f913f
- SHA256
  
  66783308c83d8ff280690e87cb5174fc77c32a67d7bc495a1f110801e31eb62e
- SHA512
  
  c0c74cd6fb0098ccfce8a9a8475a3cde4149b1b7c209c1930f703836e42003b2b32cf9bfbee728baa548005ec5f511a0ec8b694a25b8cf220de51e1827ca0fac
- SSDEEP
  
  49152:9Q5VzHGMl6lT/4sLOLB6SwegEQ2K9Qp+2Wm1/lgI8gXje2:e5VzmNh4sqt6SwegEQ2KeZZ9SEF
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2