lumma | d5767d68ea5768a5a39dd54a2d91c16376cdb3871bbf8bce302be327f95f3f1f | Triage

Sharing

General

Target

2025-01-31_c02d04b6c6f39f915a28d209966b1ec4_frostygoop_poet-rat_snatch
Size

8.1MB
Sample

250131-cw4gcszkdk
MD5

c02d04b6c6f39f915a28d209966b1ec4
SHA1

cce2c1dffd737ee60fc8ea0f80901d30f5c7a872
SHA256

d5767d68ea5768a5a39dd54a2d91c16376cdb3871bbf8bce302be327f95f3f1f
SHA512

506b8687c9fc9a37cfe2a1a8ead24e24c19071d8f411d5fee3178881109b27c91a0731ce1f78a2ceb5d528ff57cf21dec78d3d9fd5629b0a52315d7efca645f1
SSDEEP

98304:5gxyQ/qWnUwetucgAclwQBVqd7eFHgGfx/YBa:+JguuclF/qd7eFAPBa

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  2025-01-31_c02d04b6c6f39f915a28d209966b1ec4_frostygoop_poet-rat_snatch
- Size
  
  8.1MB
- MD5
  
  c02d04b6c6f39f915a28d209966b1ec4
- SHA1
  
  cce2c1dffd737ee60fc8ea0f80901d30f5c7a872
- SHA256
  
  d5767d68ea5768a5a39dd54a2d91c16376cdb3871bbf8bce302be327f95f3f1f
- SHA512
  
  506b8687c9fc9a37cfe2a1a8ead24e24c19071d8f411d5fee3178881109b27c91a0731ce1f78a2ceb5d528ff57cf21dec78d3d9fd5629b0a52315d7efca645f1
- SSDEEP
  
  98304:5gxyQ/qWnUwetucgAclwQBVqd7eFHgGfx/YBa:+JguuclF/qd7eFAPBa
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer