lumma | 98ef325c758b118d34f5c30f73e88a0372cd21683e17cb67ec72a8417cf496ca | Triage

Sharing

General

Target

app v1.9 loader.exe
Size

542KB
Sample

250130-xkrnmszkg1
MD5

e04cc63088de2a198eb6949c04192308
SHA1

baf8ce53165a920239e5479e132d4c386b80a35a
SHA256

98ef325c758b118d34f5c30f73e88a0372cd21683e17cb67ec72a8417cf496ca
SHA512

fb439969161ce00969e602deb45997ce223303d7052ad549407f4b6a459381216aac1bedcd54922744a0ab4675cd373b7e1ed092835ec9420a28ca3e2522fe79
SSDEEP

12288:1ZkEb6EcwNbyLnm8+PkXhPXLzLLdBk8xUJUb3NG/16gV:7byLnuMJ7zLLdqkUWbdU1n

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  app v1.9 loader.exe
- Size
  
  542KB
- MD5
  
  e04cc63088de2a198eb6949c04192308
- SHA1
  
  baf8ce53165a920239e5479e132d4c386b80a35a
- SHA256
  
  98ef325c758b118d34f5c30f73e88a0372cd21683e17cb67ec72a8417cf496ca
- SHA512
  
  fb439969161ce00969e602deb45997ce223303d7052ad549407f4b6a459381216aac1bedcd54922744a0ab4675cd373b7e1ed092835ec9420a28ca3e2522fe79
- SSDEEP
  
  12288:1ZkEb6EcwNbyLnm8+PkXhPXLzLLdBk8xUJUb3NG/16gV:7byLnuMJ7zLLdqkUWbdU1n
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer