lumma | ba4b192918963d1a045ad71a1ad1116652b531cce3d65bc61d92029f1d62304d | Triage

Sharing

General

Target

random.exe
Size

535KB
Sample

250131-v52y1asley
MD5

eaf3df69cfe86d787c90bb136993de50
SHA1

fcdd6220fccc3529a91301d9861a99d00926d88d
SHA256

ba4b192918963d1a045ad71a1ad1116652b531cce3d65bc61d92029f1d62304d
SHA512

e18943583197cdb9572a8e3380150b4978c76cb690ba1f78cfef6bfa77daa722e5dded4e9092545e262d489da5fd635f74d25b2039927a8baae9da0703b2bad0
SSDEEP

12288:KZkEb6EcwNbyWy1/2Rg2y0zVmsCPNYRd4YgQO86NHy:Ybyv1+RgxNc/vwNHy

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  random.exe
- Size
  
  535KB
- MD5
  
  eaf3df69cfe86d787c90bb136993de50
- SHA1
  
  fcdd6220fccc3529a91301d9861a99d00926d88d
- SHA256
  
  ba4b192918963d1a045ad71a1ad1116652b531cce3d65bc61d92029f1d62304d
- SHA512
  
  e18943583197cdb9572a8e3380150b4978c76cb690ba1f78cfef6bfa77daa722e5dded4e9092545e262d489da5fd635f74d25b2039927a8baae9da0703b2bad0
- SSDEEP
  
  12288:KZkEb6EcwNbyWy1/2Rg2y0zVmsCPNYRd4YgQO86NHy:Ybyv1+RgxNc/vwNHy
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer