General

  • Target: 8f84b3ec26013ee70e8ac2013af527764e5e2003cfd1f14346bba272e9615451
  • Size: 299KB
  • Sample: 230114-e3v5nsdg3t
  • MD5: e77d6ac1c3f92b6315be4f1adc4a7543
  • SHA1: c3e4f10acd9ffb7210f20a949a34a70a6102e22c
  • SHA256: 8f84b3ec26013ee70e8ac2013af527764e5e2003cfd1f14346bba272e9615451
  • SHA512: 421844a52ce2f727859d2e436e9a45db69f1d81f7c9a7c0ac4e72b8372eef17e3aa914258a45a933f83f621e9a19475a981342632c4fd5d7a4ced2246464bbfe
  • SSDEEP: 3072:GX7PJPbJK5YpPOnJib6dgmHydhoHuJauaSBxf+BBxesTlTJK/hwxHapb8pBI8jw1:uxJcHy3ySfGBzThTupgpRjFE

Score
10/10

Malware Config

Extracted

Family: lumma

C2: 77.73.134.68

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks