General

  • Target

    bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0.zip

  • Size

    205KB

  • Sample

    220919-lckdtaechm

  • MD5

    617485a3774e52df5d87710c37632d06

  • SHA1

    8951d1178798e85bc23e38a56675c45a7c2202d5

  • SHA256

    4e559c0d675abe7fa177e3aaa267e83f52675fdf9599112926c2a57d46e05202

  • SHA512

    5dc498aa1d493f44492c5cb1d2351514a5f0af0460a70c7609bc74e281d9750abce9671a13d5f1b901d237b89502849b6a8bd4e591253a1079d42cf01fcd6984

  • SSDEEP

    6144:jhBQo3ctY+1Mcg9PMFl41/f5/2AQb6eDAv6dfLxvhn:jvQcKYggpMFl41/fYz3ddDpV

Score
10/10

Malware Config

Extracted

Family

lumma

C2

http://evetesttech.net
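The C2 above is the only network indicator the extracted config gives, so the first thing a responder wants is to sweep DNS and proxy logs for it. The following is an added example, not code from the report or from the sandbox vendor: it normalises the config URL to a bare host, then matches log lines on exact host or subdomain while rejecting the two usual false-positive traps (a longer name that merely ends in the IOC string, and the IOC used as a prefix of some other domain). The log format and the log lines are constructed for the example.

```python
"""Hunt for the extracted Lumma C2 host in DNS/proxy logs (added example)."""
import re
from urllib.parse import urlsplit

# C2 value as extracted from the sample's config on the report page
C2_URLS = ["http://evetesttech.net"]

# Constructed sample log lines (not from the report). Two shapes per line:
#   "<ts> <client> query A <name>"  and  "<ts> <client> <METHOD> <url>"
SAMPLE_LOG = """\
2022-09-19T11:02:41Z 10.0.0.15 query A evetesttech.net
2022-09-19T11:02:42Z 10.0.0.15 query A www.evetesttech.net
2022-09-19T11:02:43Z 10.0.0.15 query A evetesttech.net.example.com
2022-09-19T11:02:44Z 10.0.0.15 query A notevetesttech.net
2022-09-19T11:02:45Z 10.0.0.15 POST http://evetesttech.net/c2conf
2022-09-19T11:02:46Z 10.0.0.22 GET https://example.org/index.html
"""


def c2_hosts(urls):
    """Normalise config URLs to bare lowercase hostnames (drop scheme, port, path)."""
    hosts = set()
    for u in urls:
        if "://" not in u:          # a config may carry a bare host
            u = "http://" + u
        host = urlsplit(u).hostname
        if host:
            hosts.add(host.lower().rstrip("."))
    return hosts


def host_matches(candidate, iocs):
    """True for an exact match or a subdomain of an IOC host.
    'notevetesttech.net' and 'evetesttech.net.example.com' must NOT match."""
    c = candidate.lower().rstrip(".")
    return any(c == h or c.endswith("." + h) for h in iocs)


_LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+\S+\s+(?:A\s+)?(\S+)$")


def extract_host(line):
    """Pull the queried name or requested URL's host out of a constructed log line."""
    m = _LINE_RE.match(line.strip())
    if not m:
        return None
    target = m.group(3)
    if "://" in target:
        return urlsplit(target).hostname
    return target


def hunt(log_text, urls=C2_URLS):
    """Return (timestamp, client, host) for every line that touches the C2."""
    iocs = c2_hosts(urls)
    hits = []
    for line in log_text.splitlines():
        host = extract_host(line)
        if host and host_matches(host, iocs):
            ts, client = line.split()[:2]
            hits.append((ts, client, host.lower()))
    return hits


if __name__ == "__main__":
    for ts, client, host in hunt(SAMPLE_LOG):
        print(f"{ts} {client} -> {host}")
```

Against the constructed log this flags three lines (the bare host, the www subdomain and the POST to the C2 URL) and ignores the two look-alike names; swap in a real log parser for `extract_host` and feed it the same `c2_hosts` set.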

Targets

    • Target

      bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0

    • Size

      346KB

    • MD5

      9a68727c95ec5b26defb2543b5cbc295

    • SHA1

      53c6c85ed3c186461aab0c934c04942a061506f4

    • SHA256

      bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0

    • SHA512

      37cba52bcd12202f6d9d1e00c30c3fa10baf1fa7fb3a6ac507d7c6ed08ba157ff737be9fe4bdb0e2e04af0b2ebb6a46492a1cc09e071552b5f19d2562d34589f

    • SSDEEP

      6144:lL+7taB7I3nfSC5jTS10Xc8Mv1m6HPkWa4Pn0LiFTuQZ4Oy9YqTBe6jR1:I7mI3nfSCRu10Xc8Mv1JJaGn0L8T01TD

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers routinely read browser profile stores (saved logins, cookies, autofill data and session tokens) so the credentials can be harvested and exfiltrated.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
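The report lists the sample twice: the outer zip (205KB) and the 346KB PE inside it, each with its own hash set, and then flags that the PE downloads and loads further MZ/PE files. A static first pass that hashes every archive member in memory, spots PE files by header and checks the digests against the report's values is the check a practitioner wants before detonation. The following is an added example, not code from the report or the sandbox vendor; the archive it builds is a constructed stand-in (a fake MZ/PE stub plus a text file), so nothing in it matches the real sample's hashes, and an encrypted archive would need `pwd=` passed to `read`.

```python
"""Static triage of an archive-delivered sample (added example)."""
import hashlib
import io
import zipfile

# SHA256 values as listed on the report page for the outer zip and the inner PE
REPORT_SHA256 = {
    "4e559c0d675abe7fa177e3aaa267e83f52675fdf9599112926c2a57d46e05202": "zip",
    "bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0": "pe",
}


def digests(data):
    """MD5/SHA1/SHA256/SHA512 of a byte string, the same set the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def looks_like_pe(data):
    """Cheap MZ/PE check: 'MZ' at offset 0 and 'PE\\0\\0' at e_lfanew (offset 0x3C).
    Enough to flag an executable inside an archive without running anything."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def triage_zip(zip_bytes, known_sha256=REPORT_SHA256):
    """Hash every member in memory (never extracted to disk), flag PE files
    and mark members whose SHA256 appears in the known-IOC table."""
    results = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info)   # raises on encrypted members unless pwd= is given
            d = digests(data)
            results.append({
                "name": info.filename,
                "size": len(data),
                "sha256": d["sha256"],
                "is_pe": looks_like_pe(data),
                "known": known_sha256.get(d["sha256"]),
            })
    return results


def build_constructed_zip():
    """Constructed test archive (not the real sample): a fake PE stub and a text file."""
    stub = bytearray(0x100)
    stub[:2] = b"MZ"
    stub[0x3C:0x40] = (0x80).to_bytes(4, "little")   # e_lfanew -> 0x80
    stub[0x80:0x84] = b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("payload.exe", bytes(stub))
        zf.writestr("readme.txt", b"abc")
    return buf.getvalue()


if __name__ == "__main__":
    for r in triage_zip(build_constructed_zip()):
        flag = "PE" if r["is_pe"] else "  "
        known = r["known"] or "-"
        print(f"{flag} {r['size']:>8} {r['sha256']} {known} {r['name']}")
```

On a real submission, replace `build_constructed_zip()` with the bytes of the downloaded archive: a member marked `known == "pe"` is the exact file the report analysed, and a member that is a PE but unknown is a candidate for a fresh submission.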

MITRE ATT&CK Matrix

The report's matrix shows these tactic columns; no technique entries are present under them on this page:

    • Command and Control
    • Credential Access
    • Defense Evasion
    • Discovery
    • Execution
    • Exfiltration
    • Impact
    • Initial Access
    • Lateral Movement
    • Persistence
    • Privilege Escalation
