lumma | e77e7bd7fdc18a47ed7b381fa60ec08618f2d68783826022fbc73fbc5edbc166 | Triage

Sharing

General

Target

SUF2Y_random.exe
Size

401KB
Sample

250131-wbmgwsvkhl
MD5

1ad3f342c62c8fbd29bb60ba0c6c2f51
SHA1

3bc3ae1c83b950597940abad96b9be27b594dfc6
SHA256

e77e7bd7fdc18a47ed7b381fa60ec08618f2d68783826022fbc73fbc5edbc166
SHA512

afb41f7a06d05413be5a754d68f9b6c56d6fb1103f6769c31f9b4d597f390ee94fd6be0745cb00a44a036b5a0942dd7304e0b3dab0daf0f349afc04924b3525c
SSDEEP

6144:pahKz7LwjiqU9r+gkMGQnkfOSFaMeyXXE5IfDdhlBQIqACsU1vHQkkQ:pWMw+X9rKMGQkrXLfDR3HUlbJ

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

- Target
  
  SUF2Y_random.exe
- Size
  
  401KB
- MD5
  
  1ad3f342c62c8fbd29bb60ba0c6c2f51
- SHA1
  
  3bc3ae1c83b950597940abad96b9be27b594dfc6
- SHA256
  
  e77e7bd7fdc18a47ed7b381fa60ec08618f2d68783826022fbc73fbc5edbc166
- SHA512
  
  afb41f7a06d05413be5a754d68f9b6c56d6fb1103f6769c31f9b4d597f390ee94fd6be0745cb00a44a036b5a0942dd7304e0b3dab0daf0f349afc04924b3525c
- SSDEEP
  
  6144:pahKz7LwjiqU9r+gkMGQnkfOSFaMeyXXE5IfDdhlBQIqACsU1vHQkkQ:pWMw+X9rKMGQkrXLfDR3HUlbJ
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer