lumma | 546711b6e47bff1928c1c1bb91dfcddef822daaaa306898e28b17713b0c4cc2b | Triage

Sharing

General

Target

32cv.exe
Size

7.5MB
Sample

250131-k1yexatleq
MD5

e49c805bea452526e776e9bcafc8ce74
SHA1

fcdec2c6fb520a669494be34e357a2df43d89114
SHA256

546711b6e47bff1928c1c1bb91dfcddef822daaaa306898e28b17713b0c4cc2b
SHA512

29d9525b968a1fd1b1f5629ae2b3a6fa96e3b462086966d1ec6d12a2d55ed6dac1a83b0fea7317a36278b86a6a03b3e608fbc5f12db472211a63d2fac93bc25f
SSDEEP

196608:enHy/R0bJHWU8xaryYG2Nuwb8AxFWojP7iXpIBvCFiUnbf+W7z:enkR0bJb20xxFZiXIeiUF

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://winnyhelplejsu.shop/api

Targets

- Target
  
  32cv.exe
- Size
  
  7.5MB
- MD5
  
  e49c805bea452526e776e9bcafc8ce74
- SHA1
  
  fcdec2c6fb520a669494be34e357a2df43d89114
- SHA256
  
  546711b6e47bff1928c1c1bb91dfcddef822daaaa306898e28b17713b0c4cc2b
- SHA512
  
  29d9525b968a1fd1b1f5629ae2b3a6fa96e3b462086966d1ec6d12a2d55ed6dac1a83b0fea7317a36278b86a6a03b3e608fbc5f12db472211a63d2fac93bc25f
- SSDEEP
  
  196608:enHy/R0bJHWU8xaryYG2Nuwb8AxFWojP7iXpIBvCFiUnbf+W7z:enkR0bJb20xxFZiXIeiUF
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer