Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d

  • Size

    276KB

  • Sample

    230116-f9mybadh4s

  • MD5

    930f2ceba3c8821110756aa19b395676

  • SHA1

    d2430e3e8dc6c193a90ef93da218c10f830e4395

  • SHA256

    d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d

  • SHA512

    dc6d093585e171ca366863cce09722e71e3718c8bab6d4432f92ccea6c926191bfbf5a0b7eb570189e070c4c8ca962a504e02f04661d6e3703efa642bec980d7

  • SSDEEP

    6144:O6o0eLFcKPqdWge8I9h/e8DVr+HJYloDU4zqQna:O6o55cQqoF8ILRr+HJYloDFP

Score
10/10
lummaspywarestealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

    • Target

      d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d

    • Size

      276KB

    • MD5

      930f2ceba3c8821110756aa19b395676

    • SHA1

      d2430e3e8dc6c193a90ef93da218c10f830e4395

    • SHA256

      d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d

    • SHA512

      dc6d093585e171ca366863cce09722e71e3718c8bab6d4432f92ccea6c926191bfbf5a0b7eb570189e070c4c8ca962a504e02f04661d6e3703efa642bec980d7

    • SSDEEP

      6144:O6o0eLFcKPqdWge8I9h/e8DVr+HJYloDU4zqQna:O6o55cQqoF8ILRr+HJYloDFP

    Score
    10/10
    lummaspywarestealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks