Analysis
-
max time kernel
52s -
max time network
154s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
16-01-2023 17:45
General
-
Target
48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331.exe
-
Size
241KB
-
MD5
24f497a22a1207747ca331c713be6529
-
SHA1
23a98e4109244c247507b68c31b2d1a30905f9c7
-
SHA256
48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331
-
SHA512
fc66836ad56fc48994976832482e562930ffbd30ec5383326dbb0bf4701d89d1fc49af5b9c710d6ef5998c9ccfcb082ae7de5e6fb3a4e4427967660b9dbececc
-
SSDEEP
6144:2KHQqLlVGZ1jRneUcBItwFrdNNwSSDHXI:2KHQqB0Zbexa+r9E
Score
10/10
Malware Config
Extracted
Family
lumma
C2
77.73.134.68
Signatures
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
Processes
-
C:\Users\Admin\AppData\Local\Temp\48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331.exe"C:\Users\Admin\AppData\Local\Temp\48ce6844b4e8bddae7ce316ebcad923327592d4401b6f037fda38a29d10d5331.exe"1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4988-116-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-117-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-118-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-119-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-120-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-121-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-122-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-123-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-124-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-125-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-126-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-127-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-128-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-129-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-130-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-131-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-132-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-133-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-134-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-135-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-136-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-137-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-138-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-139-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-140-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-141-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-142-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-143-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-144-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-145-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-147-0x000000000075A000-0x0000000000774000-memory.dmpFilesize
104KB
-
memory/4988-146-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-149-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-148-0x00000000006D0000-0x00000000006FA000-memory.dmpFilesize
168KB
-
memory/4988-150-0x0000000000400000-0x0000000000442000-memory.dmpFilesize
264KB
-
memory/4988-151-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-152-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-153-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-154-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-155-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-156-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-157-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-158-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-159-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-160-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-161-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-162-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-163-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-164-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-165-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-166-0x00000000778F0000-0x0000000077A7E000-memory.dmpFilesize
1.6MB
-
memory/4988-167-0x0000000000400000-0x0000000000442000-memory.dmpFilesize
264KB