lumma | 133179672d00d86ebb0cb34dbf07e3bd90d10539fdcd768465a4373d67f18cce | Triage

Sharing

General

Target

133179672d00d86ebb0cb34dbf07e3bd90d10539fdcd768465a4373d67f18cce
Size

246KB
Sample

230116-xywjraga3x
MD5

fc86ba055894b6ea03e71b1228188901
SHA1

dc173f7a546ebb6321104090dab822d531d009c3
SHA256

133179672d00d86ebb0cb34dbf07e3bd90d10539fdcd768465a4373d67f18cce
SHA512

922029724a75e86729f57c936d1472014e320b946dcd714f2e6210c200714e9ac65183b1db4f18d965b9b65b789271dbf67276513cee83310f97859f9eb77452
SSDEEP

3072:mHXaUAshLONHAHKAFvDgcsa/FH4PDFEqZNFQ069l/ARaPYh5TDKyQ/ua:kXdA4L9KkAK4PD6AN6NIQP+5TDHX

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  133179672d00d86ebb0cb34dbf07e3bd90d10539fdcd768465a4373d67f18cce
- Size
  
  246KB
- MD5
  
  fc86ba055894b6ea03e71b1228188901
- SHA1
  
  dc173f7a546ebb6321104090dab822d531d009c3
- SHA256
  
  133179672d00d86ebb0cb34dbf07e3bd90d10539fdcd768465a4373d67f18cce
- SHA512
  
  922029724a75e86729f57c936d1472014e320b946dcd714f2e6210c200714e9ac65183b1db4f18d965b9b65b789271dbf67276513cee83310f97859f9eb77452
- SSDEEP
  
  3072:mHXaUAshLONHAHKAFvDgcsa/FH4PDFEqZNFQ069l/ARaPYh5TDKyQ/ua:kXdA4L9KkAK4PD6AN6NIQP+5TDHX
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer