lumma | f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000 | Triage

Resubmissions

29-09-2022 16:54

220929-ver14scdeq 10

26-09-2022 08:47

220926-kpvvmsbdam 8

Sharing

General

Target

bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0_unpacked.exe
Size

184KB
Sample

220929-ver14scdeq
MD5

4c22c20fd816c11a3670100a40ac9dc0
SHA1

19b937654065f5ee8baee95026f6ea7466ee2322
SHA256

f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000
SHA512

fe7e2da40c992cd913c165bcc06815ecf8ce4421bcb0edaa81c41d91707e603b1954c9d53af841011e6549eed0bde757f906d099174b40b9249b0291e45d6bc9
SSDEEP

3072:Y8S6mF4saj1M0WstmJDd/osAytLOHDxqTqYMia0ZNfo+CEkuRux4Kc0VrOR952St:Yg1saj6AfygD6lMitZSUux4N0VrOzuqH

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

http://evetesttech.net

Targets

- Target
  
  bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0_unpacked.exe
- Size
  
  184KB
- MD5
  
  4c22c20fd816c11a3670100a40ac9dc0
- SHA1
  
  19b937654065f5ee8baee95026f6ea7466ee2322
- SHA256
  
  f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000
- SHA512
  
  fe7e2da40c992cd913c165bcc06815ecf8ce4421bcb0edaa81c41d91707e603b1954c9d53af841011e6549eed0bde757f906d099174b40b9249b0291e45d6bc9
- SSDEEP
  
  3072:Y8S6mF4saj1M0WstmJDd/osAytLOHDxqTqYMia0ZNfo+CEkuRux4Kc0VrOR952St:Yg1saj6AfygD6lMitZSUux4N0VrOzuqH
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2