lumma | d94b33839daf524f947b68a7ac833b7ac1dc9e68dca94fe02ab3bdefeecc8504 | Triage

Sharing

General

Target

2025-01-31_df1e3d66392952a819b4be0b09668315_frostygoop_poet-rat_snatch
Size

7.6MB
Sample

250131-v56l7aslfs
MD5

df1e3d66392952a819b4be0b09668315
SHA1

240f7271947262f84f3aa4e020dab689a3a18159
SHA256

d94b33839daf524f947b68a7ac833b7ac1dc9e68dca94fe02ab3bdefeecc8504
SHA512

0635e0e01cde5543383dac1c7b2217a32eef10c5047d7b3640f840b1ee6b50a9432206df82d2ed7e0afc3ef9ce7fb994a1e5c0ee9647ba6e2535db33a97cb514
SSDEEP

98304:hJ8B9V7Wm7JEILNxiIdX7/82N+NKoc9vSsiJoXK2Ch:jiFYId6Z6vSsiJoXK2C

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  2025-01-31_df1e3d66392952a819b4be0b09668315_frostygoop_poet-rat_snatch
- Size
  
  7.6MB
- MD5
  
  df1e3d66392952a819b4be0b09668315
- SHA1
  
  240f7271947262f84f3aa4e020dab689a3a18159
- SHA256
  
  d94b33839daf524f947b68a7ac833b7ac1dc9e68dca94fe02ab3bdefeecc8504
- SHA512
  
  0635e0e01cde5543383dac1c7b2217a32eef10c5047d7b3640f840b1ee6b50a9432206df82d2ed7e0afc3ef9ce7fb994a1e5c0ee9647ba6e2535db33a97cb514
- SSDEEP
  
  98304:hJ8B9V7Wm7JEILNxiIdX7/82N+NKoc9vSsiJoXK2Ch:jiFYId6Z6vSsiJoXK2C
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

behavioral2

lummadiscoverystealer