lumma | a71d202fb32624a5811a0cd4ed3c876c3118f60edb868c25836afbbb6a9ba74e | Triage

Sharing

General

Target

setup.zip
Size

2.9MB
Sample

250129-r9lwsszjan
MD5

73aef388a7994be9b211ebd159ba9899
SHA1

ab819834b6dd1815f00c0a74794948128c55e30b
SHA256

a71d202fb32624a5811a0cd4ed3c876c3118f60edb868c25836afbbb6a9ba74e
SHA512

ef9c2a151f004f8bc05c3f5b26bd88ac1f7c26e9ab008e24c459e9d8e8cc5d16422bbe95845315d2969dd6b67857fd68f8a92e910ba54ccd14ff429143e0b6a3
SSDEEP

24576:ACJu3EA5K3KVAfKWgkuS+o4/wB0baV1SpovknO6R/gcrRda7NkOQ0ckNt/IQWoZn:ACc5AKktt+oNB0O7kn9R/DRdaU05t/IW

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  setup.exe
- Size
  
  675.0MB
- MD5
  
  a24a526bcb2626784d380ecac4d1fe0d
- SHA1
  
  ef184cc7eb07e6acbc82bebfc93cb3ab7e4f7fe8
- SHA256
  
  e63dd97e0a8791ddf1daf0c30f5b0747bc7e33c0a25c97584599c0de8a8ae91b
- SHA512
  
  220202367eec03915e05c4a13d545b41259a7b8593ddbc9736e4d1178c99b887ef52ec2ca6e7c75188924139d626d20d7f26e42c8bdcf929864cdbc53ec89463
- SSDEEP
  
  24576:6EYJUgKAP3MaVctIrks8BAAWS6RTouXfYHyVMjoVH8WLyB6HqpuA4+:3YJwWpVhTToUKyhVH1K6HqpV
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer