lumma | 75a2edcf60890d8779c3de6f5ddf6e8bb118974c75220688e0f7dcf3801dd0d1 | Triage

Sharing

General

Target

75a2edcf60890d8779c3de6f5ddf6e8bb118974c75220688e0f7dcf3801dd0d1
Size

250KB
Sample

230116-nxeeeaac6z
MD5

c89532ad47d70bf2cf5127bfa4da6120
SHA1

d8212b3649537fafda28fd2c1b76cf853e4ff448
SHA256

75a2edcf60890d8779c3de6f5ddf6e8bb118974c75220688e0f7dcf3801dd0d1
SHA512

1404adae046ae193c7c6bd6fadf500eb80931954a2bf877cf935fb4a1af3ec7c424af2321dfcf38097ad61de22b5d44e290e50e99e6113439d4e9c4f44ef6726
SSDEEP

6144:vJ2LnLF/5HoUxaOeQqUD86Zm6EnAPCPcDHXyUC:vJ2rRBH10PUD86Z/BPsCi

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  75a2edcf60890d8779c3de6f5ddf6e8bb118974c75220688e0f7dcf3801dd0d1
- Size
  
  250KB
- MD5
  
  c89532ad47d70bf2cf5127bfa4da6120
- SHA1
  
  d8212b3649537fafda28fd2c1b76cf853e4ff448
- SHA256
  
  75a2edcf60890d8779c3de6f5ddf6e8bb118974c75220688e0f7dcf3801dd0d1
- SHA512
  
  1404adae046ae193c7c6bd6fadf500eb80931954a2bf877cf935fb4a1af3ec7c424af2321dfcf38097ad61de22b5d44e290e50e99e6113439d4e9c4f44ef6726
- SSDEEP
  
  6144:vJ2LnLF/5HoUxaOeQqUD86Zm6EnAPCPcDHXyUC:vJ2rRBH10PUD86Z/BPsCi
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer