lumma | 74bb3105998c9b5ebced3ff42889fce1c437d37f76da8ba1980762e6d88f0186 | Triage

Sharing

General

Target

74bb3105998c9b5ebced3ff42889fce1c437d37f76da8ba1980762e6d88f0186
Size

276KB
Sample

230116-hrx2nseg7z
MD5

ec5a9982316bd834d0b86f26e1c7b8f0
SHA1

3e21f03d7f7b156c637bfa215074938cc5721390
SHA256

74bb3105998c9b5ebced3ff42889fce1c437d37f76da8ba1980762e6d88f0186
SHA512

dd19a7e65888aa58af67300ca52d86d8adfb0876733f222f3b98d20d282225896f0499ea14e2966e08ac9d0963619627dcd3e0872d954c8bb70c3ad3420664ef
SSDEEP

6144:6fZfDLuw3OQi1kBTev+l9VVB3GzlilkU4zqQna:6fZ7CweQpTev+D6FFP

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  74bb3105998c9b5ebced3ff42889fce1c437d37f76da8ba1980762e6d88f0186
- Size
  
  276KB
- MD5
  
  ec5a9982316bd834d0b86f26e1c7b8f0
- SHA1
  
  3e21f03d7f7b156c637bfa215074938cc5721390
- SHA256
  
  74bb3105998c9b5ebced3ff42889fce1c437d37f76da8ba1980762e6d88f0186
- SHA512
  
  dd19a7e65888aa58af67300ca52d86d8adfb0876733f222f3b98d20d282225896f0499ea14e2966e08ac9d0963619627dcd3e0872d954c8bb70c3ad3420664ef
- SSDEEP
  
  6144:6fZfDLuw3OQi1kBTev+l9VVB3GzlilkU4zqQna:6fZ7CweQpTev+D6FFP
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer