lumma | 0f5dd9395e62e8246685a24664efe252b7d5a0e4b1c4018422eceaa2c359be55 | Triage

Sharing

General

Target

0f5dd9395e62e8246685a24664efe252b7d5a0e4b1c4018422eceaa2c359be55
Size

247KB
Sample

230116-1ah6ashf8y
MD5

84b662be15aab4a2a2a6f5bf00ec9681
SHA1

f1fe41c79216e52f821313b19ca4d34b83043349
SHA256

0f5dd9395e62e8246685a24664efe252b7d5a0e4b1c4018422eceaa2c359be55
SHA512

57d20638fe552a8e86d5b658000af6c69867788ecab7c6cb807b344b4c4438c343aaca00d33f36e946a621d38b5c8d9d815c225eb12ba7b769939b009af77c1f
SSDEEP

6144:ERuYsLeCAR7QtTmpHXsvCDrjZFGoFu4hmEDHX:ERrs7ACCp3Ckrjj6q

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  0f5dd9395e62e8246685a24664efe252b7d5a0e4b1c4018422eceaa2c359be55
- Size
  
  247KB
- MD5
  
  84b662be15aab4a2a2a6f5bf00ec9681
- SHA1
  
  f1fe41c79216e52f821313b19ca4d34b83043349
- SHA256
  
  0f5dd9395e62e8246685a24664efe252b7d5a0e4b1c4018422eceaa2c359be55
- SHA512
  
  57d20638fe552a8e86d5b658000af6c69867788ecab7c6cb807b344b4c4438c343aaca00d33f36e946a621d38b5c8d9d815c225eb12ba7b769939b009af77c1f
- SSDEEP
  
  6144:ERuYsLeCAR7QtTmpHXsvCDrjZFGoFu4hmEDHX:ERrs7ACCp3Ckrjj6q
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer