General

  • Target

    https://github.com/echenn1/1lmar/

  • Sample

    250704-ntzk6sdq31

Malware Config

Extracted

Family

lumma

C2


Attributes

  • build_id

    be977f77a870d72a9e18c40aaaf22e9e73c13f0d67cb7384c4

Targets

    • Target

      https://github.com/echenn1/1lmar/

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v16

Tasks