lumma | fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5 | Triage

Sharing

General

Target

fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
Size

251KB
Sample

230116-qenw8sbd8s
MD5

e9ca526b7e18f493f53b389da14ce14c
SHA1

aaa8d2ac17b5ae940fd56422b0325a5cf334469d
SHA256

fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
SHA512

1dfe8e1f38e1b1982eaeb4cb0325584cbbf6e01fe46242e99b879f46e61a23c8cdfb585bfd0d9ff96882caa9df4e096413ef1bc8f9e40ba6b5dbe9e22b1367e6
SSDEEP

6144:kpTOhL5lvtJUYMLRslTkLf9SOnRY9D7ndDHXyUC:kpTwdJtiLRwTkLxyi

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
- Size
  
  251KB
- MD5
  
  e9ca526b7e18f493f53b389da14ce14c
- SHA1
  
  aaa8d2ac17b5ae940fd56422b0325a5cf334469d
- SHA256
  
  fbc69cde665d75e1154235b29eeded396dbdcd492113781fa76a5622251b43a5
- SHA512
  
  1dfe8e1f38e1b1982eaeb4cb0325584cbbf6e01fe46242e99b879f46e61a23c8cdfb585bfd0d9ff96882caa9df4e096413ef1bc8f9e40ba6b5dbe9e22b1367e6
- SSDEEP
  
  6144:kpTOhL5lvtJUYMLRslTkLf9SOnRY9D7ndDHXyUC:kpTwdJtiLRwTkLxyi
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer