lumma | ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04 | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

Sharing

General

Target

ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
Size

7.7MB
Sample

240704-2q1kyswdmd
MD5

2bc0db539a8fab08bf4104eb7f2de7e7
SHA1

ff4a5defedb18c93ef815434b40e19b9452ca410
SHA256

ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
SHA512

ffaeb6c876d2aeda75b6576d2b307964a7b5330a0ab73352a4c95ef18ac3b1b1bfff350805553833a754582ed54215337c376bce0abd44c117b5d8a0e1468d71
SSDEEP

49152:P8FC9tZ1LK9QkVNdZEOto3XOREES2CG9LlPJHzPihufFRDiLYDEwjB5EtC0D4DAh:UuG9QcnhnLxHmhYFBEtCHi1mK

Score

10^/10

lumma spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04.exe

Resource

win10-20240404-en

lumma spyware stealer

windows10-1703-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

lumma

C2

https://potterryisiw.shop/api

Targets

- Target
  
  ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
- Size
  
  7.7MB
- MD5
  
  2bc0db539a8fab08bf4104eb7f2de7e7
- SHA1
  
  ff4a5defedb18c93ef815434b40e19b9452ca410
- SHA256
  
  ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
- SHA512
  
  ffaeb6c876d2aeda75b6576d2b307964a7b5330a0ab73352a4c95ef18ac3b1b1bfff350805553833a754582ed54215337c376bce0abd44c117b5d8a0e1468d71
- SSDEEP
  
  49152:P8FC9tZ1LK9QkVNdZEOto3XOREES2CG9LlPJHzPihufFRDiLYDEwjB5EtC0D4DAh:UuG9QcnhnLxHmhYFBEtCHi1mK
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

lummaspywarestealer

© 2018-2024

Terms | Privacy