lumma | fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5 | Triage

Sharing

General

Target

fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
Size

251KB
Sample

230116-qenw8sbd8s
MD5

e9ca526b7e18f493f53b389da14ce14c
SHA1

aaa8d2ac17b5ae940fd56422b0325a5cf334469d
SHA256

fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
SHA512

1dfe8e1f38e1b1982eaeb4cb0325584cbbf6e01fe46242e99b879f46e61a23c8cdfb585bfd0d9ff96882caa9df4e096413ef1bc8f9e40ba6b5dbe9e22b1367e6
SSDEEP

6144:kpTOhL5lvtJUYMLRslTkLf9SOnRY9D7ndDHXyUC:kpTwdJtiLRwTkLxyi

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
- Size
  
  251KB
- MD5
  
  e9ca526b7e18f493f53b389da14ce14c
- SHA1
  
  aaa8d2ac17b5ae940fd56422b0325a5cf334469d
- SHA256
  
  fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
- SHA512
  
  1dfe8e1f38e1b1982eaeb4cb0325584cbbf6e01fe46242e99b879f46e61a23c8cdfb585bfd0d9ff96882caa9df4e096413ef1bc8f9e40ba6b5dbe9e22b1367e6
- SSDEEP
  
  6144:kpTOhL5lvtJUYMLRslTkLf9SOnRY9D7ndDHXyUC:kpTwdJtiLRwTkLxyi
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer