lumma | f3863b441bb0dfac15f44a63956c1a046d1ad2fb1e3c8482f9b5033bb11e00da | Triage

Sharing

General

Target

Aura.exe
Size

409KB
Sample

250131-n2rwasvlfx
MD5

973518f7c6afa14ed8b86fd9052843b7
SHA1

1f7cc8b24bcfa8946de79dfbe85819208412d5fe
SHA256

f3863b441bb0dfac15f44a63956c1a046d1ad2fb1e3c8482f9b5033bb11e00da
SHA512

70ae0d89b57a395d1e9d4e5e628acd20a8334743605b41afa1ed401a982bf6de7c252dcffa90e45a01fda92edda0b3813ae68a4c88e292df1b031a5e0ffcd9f4
SSDEEP

12288:nWiz8MrfcCIwXt0isMZCT3x57kcmfZcvzB9eZmJ:n/z5QotJZCTh57nmK77eZmJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  Aura.exe
- Size
  
  409KB
- MD5
  
  973518f7c6afa14ed8b86fd9052843b7
- SHA1
  
  1f7cc8b24bcfa8946de79dfbe85819208412d5fe
- SHA256
  
  f3863b441bb0dfac15f44a63956c1a046d1ad2fb1e3c8482f9b5033bb11e00da
- SHA512
  
  70ae0d89b57a395d1e9d4e5e628acd20a8334743605b41afa1ed401a982bf6de7c252dcffa90e45a01fda92edda0b3813ae68a4c88e292df1b031a5e0ffcd9f4
- SSDEEP
  
  12288:nWiz8MrfcCIwXt0isMZCT3x57kcmfZcvzB9eZmJ:n/z5QotJZCTh57nmK77eZmJ
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer