lumma | f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000 | Triage

Resubmissions

29-09-2022 16:54

220929-ver14scdeq 10

26-09-2022 08:47

220926-kpvvmsbdam 8

Sharing

General

Target

bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0_unpacked.exe
Size

184KB
Sample

220929-ver14scdeq
MD5

4c22c20fd816c11a3670100a40ac9dc0
SHA1

19b937654065f5ee8baee95026f6ea7466ee2322
SHA256

f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000
SHA512

fe7e2da40c992cd913c165bcc06815ecf8ce4421bcb0edaa81c41d91707e603b1954c9d53af841011e6549eed0bde757f906d099174b40b9249b0291e45d6bc9
SSDEEP

3072:Y8S6mF4saj1M0WstmJDd/osAytLOHDxqTqYMia0ZNfo+CEkuRux4Kc0VrOR952St:Yg1saj6AfygD6lMitZSUux4N0VrOzuqH

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

http://evetesttech.net

Targets

- Target
  
  bfd72bdd4ab311acd0e05211cb01f8671d358540201eb200f613fd80b62291f0_unpacked.exe
- Size
  
  184KB
- MD5
  
  4c22c20fd816c11a3670100a40ac9dc0
- SHA1
  
  19b937654065f5ee8baee95026f6ea7466ee2322
- SHA256
  
  f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000
- SHA512
  
  fe7e2da40c992cd913c165bcc06815ecf8ce4421bcb0edaa81c41d91707e603b1954c9d53af841011e6549eed0bde757f906d099174b40b9249b0291e45d6bc9
- SSDEEP
  
  3072:Y8S6mF4saj1M0WstmJDd/osAytLOHDxqTqYMia0ZNfo+CEkuRux4Kc0VrOR952St:Yg1saj6AfygD6lMitZSUux4N0VrOzuqH
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2