lumma | c769cf6be7c500cb36df8727ba9868a95cc8fdd66b42b5e2f66a149768be07ab | Triage

Sharing

General

Target

4b7d312cb2d868ae46e52f012d0037a8.exe
Size

309KB
Sample

230113-x4yajacb73
MD5

4b7d312cb2d868ae46e52f012d0037a8
SHA1

5dd7dd8ea6a2641965d1d6920ca51a8c6206fccc
SHA256

c769cf6be7c500cb36df8727ba9868a95cc8fdd66b42b5e2f66a149768be07ab
SHA512

e85801f74ca750f8a3a6e5037cf95f24f17e2cdd9e5e9ac0f1edf9befc501fb4148b4aabe2d52053402d3ae4fc81d739a33dcbc26fc4cf97fed993ccec7f8375
SSDEEP

6144:mpkELZIQXSXKVx72kIgQRtYYqriXzrSlJZ9tzrSA37j:mpkE6QRVgfRtZXOZ9P37j

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  4b7d312cb2d868ae46e52f012d0037a8.exe
- Size
  
  309KB
- MD5
  
  4b7d312cb2d868ae46e52f012d0037a8
- SHA1
  
  5dd7dd8ea6a2641965d1d6920ca51a8c6206fccc
- SHA256
  
  c769cf6be7c500cb36df8727ba9868a95cc8fdd66b42b5e2f66a149768be07ab
- SHA512
  
  e85801f74ca750f8a3a6e5037cf95f24f17e2cdd9e5e9ac0f1edf9befc501fb4148b4aabe2d52053402d3ae4fc81d739a33dcbc26fc4cf97fed993ccec7f8375
- SSDEEP
  
  6144:mpkELZIQXSXKVx72kIgQRtYYqriXzrSlJZ9tzrSA37j:mpkE6QRVgfRtZXOZ9P37j
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer