lumma | ffb1aeceb3be0c0e340e56bf7b80b4feb8e6510361a7f19f906ece37f554c5dd | Triage

Sharing

General

Target

ffb1aeceb3be0c0e340e56bf7b80b4feb8e6510361a7f19f906ece37f554c5dd
Size

284KB
Sample

230113-3z3mcaba6t
MD5

a1aa0b8f906fdf14635adf81e9718276
SHA1

7d7403122f654b70415bb4cc4a7cfe06c4623dc0
SHA256

ffb1aeceb3be0c0e340e56bf7b80b4feb8e6510361a7f19f906ece37f554c5dd
SHA512

ee1ca7f570b4544a70ac29ac28645d0ec5ac9411ff287040286909050786c434b7bf088fba29ded1e20bb4f8b4526c63ef6f333a593abbc2e445a3aed6101189
SSDEEP

6144:OzgbLC1m8m3HDvtki3g33BMum0OiMAtJZ9tzrSA3:OzgbemlrtO34SLZ9P3

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  ffb1aeceb3be0c0e340e56bf7b80b4feb8e6510361a7f19f906ece37f554c5dd
- Size
  
  284KB
- MD5
  
  a1aa0b8f906fdf14635adf81e9718276
- SHA1
  
  7d7403122f654b70415bb4cc4a7cfe06c4623dc0
- SHA256
  
  ffb1aeceb3be0c0e340e56bf7b80b4feb8e6510361a7f19f906ece37f554c5dd
- SHA512
  
  ee1ca7f570b4544a70ac29ac28645d0ec5ac9411ff287040286909050786c434b7bf088fba29ded1e20bb4f8b4526c63ef6f333a593abbc2e445a3aed6101189
- SSDEEP
  
  6144:OzgbLC1m8m3HDvtki3g33BMum0OiMAtJZ9tzrSA3:OzgbemlrtO34SLZ9P3
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer