lumma | cc52b7b5c19658d7168fdc5493c42d2fc31379d033723da3e1ffe7bef21c2eda | Triage

Sharing

General

Target

cc52b7b5c19658d7168fdc5493c42d2fc31379d033723da3e1ffe7bef21c2eda
Size

241KB
Sample

230116-t2seqahh52
MD5

73c1f9325eeb4e63e183f18fc4079673
SHA1

026b37e38c06c6b0d0f3e676daadb6456eb0a296
SHA256

cc52b7b5c19658d7168fdc5493c42d2fc31379d033723da3e1ffe7bef21c2eda
SHA512

fd322e0ee9836d1f38205b0338390f52c0bafb3575f3729d9e206a4a2d54cb5ff5824236bd5c179414d8782d68333bf67ea429a56c96e85f3fef4cf9853c68ac
SSDEEP

3072:/zkqhByxL+VwcZPeDIc0HfABxL+z1YEkH5zkulizmETNO6i44DKyQ/uZF:bkwExLAnZP1/Qxy1fklj+c44DHX/

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  cc52b7b5c19658d7168fdc5493c42d2fc31379d033723da3e1ffe7bef21c2eda
- Size
  
  241KB
- MD5
  
  73c1f9325eeb4e63e183f18fc4079673
- SHA1
  
  026b37e38c06c6b0d0f3e676daadb6456eb0a296
- SHA256
  
  cc52b7b5c19658d7168fdc5493c42d2fc31379d033723da3e1ffe7bef21c2eda
- SHA512
  
  fd322e0ee9836d1f38205b0338390f52c0bafb3575f3729d9e206a4a2d54cb5ff5824236bd5c179414d8782d68333bf67ea429a56c96e85f3fef4cf9853c68ac
- SSDEEP
  
  3072:/zkqhByxL+VwcZPeDIc0HfABxL+z1YEkH5zkulizmETNO6i44DKyQ/uZF:bkwExLAnZP1/Qxy1fklj+c44DHX/
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer