lumma | 01a2bb9f7591986b6eb3388699e7ce4a52b2686295b48dae0ec001639ba9f9b4

General

Target

malware.exe
Size

7.2MB
Sample

250225-rf53ksypz4
MD5

d165b333fe9244a43967bc69c0b686cc
SHA1

58fbba484bdeeb020cc69a78218c897d28f7e2f2
SHA256

01a2bb9f7591986b6eb3388699e7ce4a52b2686295b48dae0ec001639ba9f9b4
SHA512

616556797aaad5deb2d5e8e8a70427d4e0b9ca4f64dd5976cdeaa3c6d8a37a612011e89b120a6ef2e1ef8a50d70483a71d8289a09952f612a9023d5f2922b580
SSDEEP

98304:sFMd0y7xmvwcd7c98l9jhbBcORNfIM/Ky:sFMd0yxOwcx3jhbBZRFIot

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://associationokeo.shop/api

https://turkeyunlikelyofw.shop/api

https://detectordiscusser.shop/api

https://technologyenterdo.shop/api

https://fieldtrollyeowskwe.shop/api

Targets

- Target
  
  malware.exe
- Size
  
  7.2MB
- MD5
  
  d165b333fe9244a43967bc69c0b686cc
- SHA1
  
  58fbba484bdeeb020cc69a78218c897d28f7e2f2
- SHA256
  
  01a2bb9f7591986b6eb3388699e7ce4a52b2686295b48dae0ec001639ba9f9b4
- SHA512
  
  616556797aaad5deb2d5e8e8a70427d4e0b9ca4f64dd5976cdeaa3c6d8a37a612011e89b120a6ef2e1ef8a50d70483a71d8289a09952f612a9023d5f2922b580
- SSDEEP
  
  98304:sFMd0y7xmvwcd7c98l9jhbBcORNfIM/Ky:sFMd0yxOwcx3jhbBZRFIot
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2