lumma | ba778425bd7e305b60b1ad0ad467a5e10f446fa828af383ac7df4d19ba8f0f17 | Triage

Sharing

General

Target

ba778425bd7e305b60b1ad0ad467a5e10f446fa828af383ac7df4d19ba8f0f17
Size

249KB
Sample

230117-gaxh5seh9x
MD5

01b26bb67ceda18e794e657a8fb421a0
SHA1

ad5d2379394e171f2a6511e3546ecb00a27e81cf
SHA256

ba778425bd7e305b60b1ad0ad467a5e10f446fa828af383ac7df4d19ba8f0f17
SHA512

0f57169196c2573fc6a28f8ab6ce6091a18478dd9e7dd940793e806d9fa0fef22e904acbac2cd74a64de07545835788dab21cbeabe87ae18a9be7e84a10b67f9
SSDEEP

3072:NX5wiKdH54UM3c29KksC33VVIiLqwZHmn19kzLVinIPl9T2vOF1Q:JWdeUO9KtCTZq8mn19MVigl9T2v2

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  ba778425bd7e305b60b1ad0ad467a5e10f446fa828af383ac7df4d19ba8f0f17
- Size
  
  249KB
- MD5
  
  01b26bb67ceda18e794e657a8fb421a0
- SHA1
  
  ad5d2379394e171f2a6511e3546ecb00a27e81cf
- SHA256
  
  ba778425bd7e305b60b1ad0ad467a5e10f446fa828af383ac7df4d19ba8f0f17
- SHA512
  
  0f57169196c2573fc6a28f8ab6ce6091a18478dd9e7dd940793e806d9fa0fef22e904acbac2cd74a64de07545835788dab21cbeabe87ae18a9be7e84a10b67f9
- SSDEEP
  
  3072:NX5wiKdH54UM3c29KksC33VVIiLqwZHmn19kzLVinIPl9T2vOF1Q:JWdeUO9KtCTZq8mn19MVigl9T2v2
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer