General

  • Target

    https://cdn.discordapp.com/attachments/1389234755840639056/1389372563423236228/0af741ef7e972c11d354000a6f86afd95ddc9a3d428446a9d9d48b0667a91541.7z?ex=68646188&is=68631008&hm=277d0031e65162088a949967c169005b73ea0b9ff8c59bdbc55b2180c10f86a8&

  • Sample

    250701-j9wf8sgm5y

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://slovenecow.live/tanb

https://orjinalecza.net/lxaz

https://eczakozmetik.net/qop

https://orijinalecza.org/jub

https://tortoisgfe.top/paxk

https://eczamedikal.org/vax

https://orijinalecza.net/kazd

https://medicalbitkisel.net/juj

https://snakejh.top/adsk

Attributes
  • build_id

    8c49cc8bc4c1f2d6926044fafa15d0b9e41ab15379ea6e82f9
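The extracted configuration above is directly actionable: the nine C2 URLs give hostnames to block and hunt for, and the build_id ties any later sample to the same operator build. The script below is an added example, not part of the sandbox report; it turns the config on this page into a defanged IOC list and scans proxy log lines for contact with the C2 hosts. The log lines and their `<timestamp> <src_ip> <method> <url> <status>` layout are constructed for illustration; only the URLs and build_id are from the report.

```python
"""Lumma config -> IOCs, plus a proxy-log hunt for the extracted C2 hosts.

Added example. C2 URLs and build_id are the values extracted on this page;
the proxy log format and lines below are constructed, not real traffic.
"""
from urllib.parse import urlparse

# C2 URLs as extracted from the sample's configuration (from the report).
LUMMA_C2 = [
    "https://slovenecow.live/tanb",
    "https://orjinalecza.net/lxaz",
    "https://eczakozmetik.net/qop",
    "https://orijinalecza.org/jub",
    "https://tortoisgfe.top/paxk",
    "https://eczamedikal.org/vax",
    "https://orijinalecza.net/kazd",
    "https://medicalbitkisel.net/juj",
    "https://snakejh.top/adsk",
]
BUILD_ID = "8c49cc8bc4c1f2d6926044fafa15d0b9e41ab15379ea6e82f9"

# Constructed proxy log: "<timestamp> <src_ip> <method> <url> <status>".
# Includes a mixed-case C2 host, a subdomain of a C2 host, and a decoy
# hostname that merely contains a C2 domain as a label.
SAMPLE_PROXY_LOG = [
    "2025-07-01T09:12:33Z 10.20.1.15 GET https://www.example.com/ 200",
    "2025-07-01T09:12:41Z 10.20.1.15 POST https://slovenecow.live/tanb 200",
    "2025-07-01T09:12:58Z 10.20.1.15 POST https://ORJINALECZA.NET/lxaz 404",
    "2025-07-01T09:13:02Z 10.20.1.22 GET https://eczamedikal.org.example.net/ 200",
    "2025-07-01T09:13:10Z 10.20.1.22 POST https://cdn.snakejh.top/adsk 200",
]


def c2_domains(urls):
    """Lower-case hostnames of the extracted C2 URLs, paths dropped.

    Match on the host, not the full URL: the path component varies between
    builds while the domain set is what the config actually pins down.
    """
    return {urlparse(u).hostname for u in urls}


def is_c2_host(host, domains):
    """True if host equals a C2 domain or is a subdomain of one.

    Suffix matching with a leading dot keeps 'cdn.snakejh.top' in scope while
    rejecting 'eczamedikal.org.example.net', where the C2 name is only an
    inner label of an unrelated hostname.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def find_c2_hits(log_lines, domains):
    """Return (timestamp, src_ip, host, url) for each log line that reaches a C2 host."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 5:
            continue  # malformed line; skip rather than guess the layout
        ts, src, _method, url, _status = parts
        host = urlparse(url).hostname  # urlparse lower-cases the host for us
        if host and is_c2_host(host, domains):
            hits.append((ts, src, host, url))
    return hits


def defang(domain):
    """Render a domain so it cannot be clicked or auto-linked in a ticket."""
    return domain.replace(".", "[.]")


def ioc_report(urls=LUMMA_C2, build_id=BUILD_ID):
    """Defanged IOC lines suitable for a blocklist or incident ticket."""
    lines = [f"lumma build_id: {build_id}"]
    lines += [f"c2 domain: {defang(d)}" for d in sorted(c2_domains(urls))]
    return lines


if __name__ == "__main__":
    domains = c2_domains(LUMMA_C2)
    for hit in find_c2_hits(SAMPLE_PROXY_LOG, domains):
        print("C2 contact:", *hit)
    print("\n".join(ioc_report()))
```

Host-level matching is deliberate: a blocklist keyed on the full URL would miss the same infrastructure reached under a different path, and the build_id is the pivot to keep when clustering further samples against this configuration.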

Targets

    • Target

      https://cdn.discordapp.com/attachments/1389234755840639056/1389372563423236228/0af741ef7e972c11d354000a6f86afd95ddc9a3d428446a9d9d48b0667a91541.7z?ex=68646188&is=68631008&hm=277d0031e65162088a949967c169005b73ea0b9ff8c59bdbc55b2180c10f86a8&

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, also tracked as LummaC, is an information stealer written in C++ that was first observed in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
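The three behavioural signatures above fit together: a dropped executable is launched, a dropped DLL is loaded, and SetThreadContext is used in a way the sandbox considers suspicious. The pattern a detection engineer looks for behind that last verdict is a process created suspended by its parent, its primary thread context rewritten by that same parent, and the thread then resumed, which is the sequence used for process hollowing and similar injection. The code below is an added example, not the sandbox's own rule or logic; it implements that check over an API-call trace. The trace format (one dict per call with `pid`, `api`, `args`, and `ret`) and the sample events are constructed for illustration.

```python
"""Flag a suspended-child + SetThreadContext + ResumeThread sequence in an API trace.

Added example. The event format and the trace below are constructed; they
stand in for whatever API monitor or sandbox log a real pipeline consumes.
"""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit in CreateProcess*

# Constructed trace: a dropped EXE is started suspended, its thread context
# rewritten by the creator, and then resumed. The trailing SetThreadContext
# on the caller's own process has no suspended child behind it and must not
# be flagged.
SAMPLE_API_TRACE = [
    {"pid": 4120, "api": "CreateProcessW",
     "args": {"image": r"C:\Users\user\AppData\Local\Temp\dropped.exe",
              "flags": CREATE_SUSPENDED},
     "ret": {"child_pid": 5204}},
    {"pid": 4120, "api": "WriteProcessMemory", "args": {"target_pid": 5204}},
    {"pid": 4120, "api": "SetThreadContext", "args": {"target_pid": 5204}},
    {"pid": 4120, "api": "ResumeThread", "args": {"target_pid": 5204}},
    {"pid": 4120, "api": "SetThreadContext", "args": {"target_pid": 4120}},
]

# Constructed benign trace: suspended start without any context rewrite
# (what an installer or debugger front-end might legitimately do).
BENIGN_API_TRACE = [
    {"pid": 900, "api": "CreateProcessW",
     "args": {"image": r"C:\Program Files\App\helper.exe",
              "flags": CREATE_SUSPENDED},
     "ret": {"child_pid": 912}},
    {"pid": 900, "api": "ResumeThread", "args": {"target_pid": 912}},
]


def find_hollowing_candidates(trace):
    """Return one finding per (creator, child) pair that completes the sequence.

    State is keyed on the child pid so that only the process which created
    the suspended child can trigger the rule by rewriting its context; a
    SetThreadContext from an unrelated process, or on the caller itself, is
    ignored to keep the rule narrow.
    """
    suspended = {}   # child_pid -> (creator_pid, image)
    ctx_set = set()  # child pids whose context the creator has rewritten
    findings = []
    for ev in trace:
        api, pid, args = ev["api"], ev["pid"], ev.get("args", {})
        if api.startswith("CreateProcess") and args.get("flags", 0) & CREATE_SUSPENDED:
            suspended[ev["ret"]["child_pid"]] = (pid, args.get("image", "?"))
        elif api == "SetThreadContext":
            tgt = args.get("target_pid")
            if tgt in suspended and suspended[tgt][0] == pid:
                ctx_set.add(tgt)
        elif api == "ResumeThread":
            tgt = args.get("target_pid")
            if tgt in ctx_set:
                creator, image = suspended[tgt]
                findings.append({"creator_pid": creator, "child_pid": tgt, "image": image})
                ctx_set.discard(tgt)
    return findings


if __name__ == "__main__":
    for f in find_hollowing_candidates(SAMPLE_API_TRACE):
        print(f"suspicious SetThreadContext: pid {f['creator_pid']} -> "
              f"pid {f['child_pid']} ({f['image']})")
    print("benign trace findings:", find_hollowing_candidates(BENIGN_API_TRACE))
```

Requiring all three steps from the same creator is what separates this from a generic "SetThreadContext seen" alert: a suspended start on its own, or a context change by a debugger on its own process, produces no finding, while the dropped-EXE launch on this page does.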
