lumma | 73cfa816bd989fa7dd51fc1aeff7657323836d86fdc30da54f3d0140376096c5 | Triage

Sharing

General

Target

73cfa816bd989fa7dd51fc1aeff7657323836d86fdc30da54f3d0140376096c5
Size

248KB
Sample

230115-3wxxpahh9w
MD5

d4371171249f45f3af6095825378c055
SHA1

7c38214ddc9fdf6598f5247272997dd682147717
SHA256

73cfa816bd989fa7dd51fc1aeff7657323836d86fdc30da54f3d0140376096c5
SHA512

96f1118afbc83d3738ac00e4b9b9e08f9773fa47edcd422d9951168341f61a63c1e388d775595a23325b6a227a0704a333de14855286cc7a13bc37406b8aba22
SSDEEP

3072:cYXykb1N+5d5bGN9i8olYgxTNsRUd62GSHfSokyxMTZrVwb+sbi:cs9N+ZGNZFgxTN8c629/SokwMFr

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  73cfa816bd989fa7dd51fc1aeff7657323836d86fdc30da54f3d0140376096c5
- Size
  
  248KB
- MD5
  
  d4371171249f45f3af6095825378c055
- SHA1
  
  7c38214ddc9fdf6598f5247272997dd682147717
- SHA256
  
  73cfa816bd989fa7dd51fc1aeff7657323836d86fdc30da54f3d0140376096c5
- SHA512
  
  96f1118afbc83d3738ac00e4b9b9e08f9773fa47edcd422d9951168341f61a63c1e388d775595a23325b6a227a0704a333de14855286cc7a13bc37406b8aba22
- SSDEEP
  
  3072:cYXykb1N+5d5bGN9i8olYgxTNsRUd62GSHfSokyxMTZrVwb+sbi:cs9N+ZGNZFgxTN8c629/SokwMFr
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer