lumma | 18692e8bb1ab4c2254e4e0719dcb70cc50afbb3ce0a75bcd0952bb1abb3432a8 | Triage

Submit
Reports

Overview

overview

Static

static

1

redirect.html

windows10-2004-x64

Sharing

General

Target

redirect
Size

6KB
Sample

240701-mx45dszhrq
MD5

07d6758edf18112ba581f20260e4d9c9
SHA1

e4aa7630e1e319e58a9cd5efa750fd2e9644b564
SHA256

18692e8bb1ab4c2254e4e0719dcb70cc50afbb3ce0a75bcd0952bb1abb3432a8
SHA512

9b4d547f1b3c469a5368198ec86ec3e7fbbb395e1cba0a8327bfd13665d08faf8aa84e61ae1142aab1ada27b69b11933432e0dcfec3383f80841fdf5e3db8b2d
SSDEEP

192:dZHLxX7777/77QF7eyrr0Lod4BYCIo9OdXRwk:dZr5HYt0+CIo9OdXX

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

redirect.html

Resource

win10v2004-20240226-en

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Extracted

Family

lumma

C2

https://citizencenturygoodwk.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

- Target
  
  redirect
- Size
  
  6KB
- MD5
  
  07d6758edf18112ba581f20260e4d9c9
- SHA1
  
  e4aa7630e1e319e58a9cd5efa750fd2e9644b564
- SHA256
  
  18692e8bb1ab4c2254e4e0719dcb70cc50afbb3ce0a75bcd0952bb1abb3432a8
- SHA512
  
  9b4d547f1b3c469a5368198ec86ec3e7fbbb395e1cba0a8327bfd13665d08faf8aa84e61ae1142aab1ada27b69b11933432e0dcfec3383f80841fdf5e3db8b2d
- SSDEEP
  
  192:dZHLxX7777/77QF7eyrr0Lod4BYCIo9OdXRwk:dZr5HYt0+CIo9OdXX
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy