lumma | 498a53a0dd6a2e42ea5d716c821ae955038c665c78462153ba94717799b164e9 | Triage

Sharing

General

Target

054c96f1e64e9dae66cd570e55fe9419aebc18150f482410ba24c8c3189831e2
Size

201KB
Sample

230114-t1813sae62
MD5

577b1104e717dd9d7e8ba30df75cccd8
SHA1

d006de24b548c00283293dc1fa1afe434c8b8874
SHA256

498a53a0dd6a2e42ea5d716c821ae955038c665c78462153ba94717799b164e9
SHA512

06b9a231687d90d5d644650185f669b95f4c3e70f32b5c989e230d046f21fcb0706fd5dc6cd06f88b4241e93fd72243f4d8df94a6a2208c911c453292f4d2f18
SSDEEP

3072:NajKiVf/FaLHVV2PDcI9jtlbQUJHvIQutV7qSarkuh4SkZ5Uw20wkUuNWj:VgFeVVr0jXblJHvct1qSU4STCSuNS

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  054c96f1e64e9dae66cd570e55fe9419aebc18150f482410ba24c8c3189831e2
- Size
  
  299KB
- MD5
  
  b340013465fc19be3e49e740826d95aa
- SHA1
  
  df03836f36ae31319ed89c4911d8041ebb030196
- SHA256
  
  054c96f1e64e9dae66cd570e55fe9419aebc18150f482410ba24c8c3189831e2
- SHA512
  
  1d57c780791041aadfe32101ba4ec5ccbe75d915c6d55ef4e40fd00bffa2257e597ba74174ecdf75624057eef6eff36649904809dbef8c9c21f12ec95489dc0d
- SSDEEP
  
  3072:ePXpjAoez5tGS5lbQUJHHIQutV7qSy8WrxGxaapb8pBI8jwWRjoV:SDe7VblJHHct1qSy8GIpgpRjFE
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer