lumma | 48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331 | Triage

Sharing

General

Target

48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331
Size

241KB
Sample

230116-wbsznsef3z
MD5

24f497a22a1207747ca331c713be6529
SHA1

23a98e4109244c247507b68c31b2d1a30905f9c7
SHA256

48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331
SHA512

fc66836ad56fc48994976832482e562930ffbd30ec5383326dbb0bf4701d89d1fc49af5b9c710d6ef5998c9ccfcb082ae7de5e6fb3a4e4427967660b9dbececc
SSDEEP

6144:2KHQqLlVGZ1jRneUcBItwFrdNNwSSDHXI:2KHQqB0Zbexa+r9E

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331
- Size
  
  241KB
- MD5
  
  24f497a22a1207747ca331c713be6529
- SHA1
  
  23a98e4109244c247507b68c31b2d1a30905f9c7
- SHA256
  
  48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331
- SHA512
  
  fc66836ad56fc48994976832482e562930ffbd30ec5383326dbb0bf4701d89d1fc49af5b9c710d6ef5998c9ccfcb082ae7de5e6fb3a4e4427967660b9dbececc
- SSDEEP
  
  6144:2KHQqLlVGZ1jRneUcBItwFrdNNwSSDHXI:2KHQqB0Zbexa+r9E
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer