lumma | 8a59696dae3730caee3aa161dda511d90a54ddf5b5e116226f1ee2acd43e7fc1 | Triage

Sharing

General

Target

acb010fc0600ee75a6a1a1f0461bccca.exe
Size

249KB
Sample

230117-rxe8gsdf2w
MD5

acb010fc0600ee75a6a1a1f0461bccca
SHA1

d7c600b7626334c4e69c2ce09dd25742f921d993
SHA256

8a59696dae3730caee3aa161dda511d90a54ddf5b5e116226f1ee2acd43e7fc1
SHA512

3598587fcadba72fd88e3a2cd4eac41cb4e91320dd6db96572f519587b4339b26d8b4e2217824dca09a0df580f25533abb244e2022b13bdfa8c50a321f65573c
SSDEEP

6144:zJxTCBMY/CB2cdxVKgxV4hOzuur9T2v2:zJxTah6Bn8gxfum2v

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  acb010fc0600ee75a6a1a1f0461bccca.exe
- Size
  
  249KB
- MD5
  
  acb010fc0600ee75a6a1a1f0461bccca
- SHA1
  
  d7c600b7626334c4e69c2ce09dd25742f921d993
- SHA256
  
  8a59696dae3730caee3aa161dda511d90a54ddf5b5e116226f1ee2acd43e7fc1
- SHA512
  
  3598587fcadba72fd88e3a2cd4eac41cb4e91320dd6db96572f519587b4339b26d8b4e2217824dca09a0df580f25533abb244e2022b13bdfa8c50a321f65573c
- SSDEEP
  
  6144:zJxTCBMY/CB2cdxVKgxV4hOzuur9T2v2:zJxTah6Bn8gxfum2v
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer