lumma | cccbaaabe8c8fbb8f3f3165dd1ee63c35764313115c5b98ff8272bfa092009fe | Triage

Sharing

General

Target

fc99be6dcfec31f8e5cac76c2a97406a.bin
Size

201KB
Sample

230123-tc74waff41
MD5

dc350d5d8665f9b705149a752c1369a9
SHA1

9f7191bfc01965d7055488fd22ebc364a38f6ec2
SHA256

cccbaaabe8c8fbb8f3f3165dd1ee63c35764313115c5b98ff8272bfa092009fe
SHA512

5ed2c42664141a4e6ed5c7bf59d582db2294c1f509f2fa3b58baa146b81689b9c643f9236288b3cf4f6a7c216bc745915b20a1032dd717437ed62e1faad4742c
SSDEEP

6144:fHnoJmMvlHnJvWxGWyNDQ2TQR+O4l5EL/+8:fHymUlHn18GW80qOiW/+8

Score

10^/10

lumma spyware stealer

Malware Config

Extracted

Family

lumma

C2

77.73.134.68

Targets

- Target
  
  b25ad1d7c8c98fe86fbc27ad44125fbfea7f0298fd81f0ac81578471dc963e8d.exe
- Size
  
  299KB
- MD5
  
  fc99be6dcfec31f8e5cac76c2a97406a
- SHA1
  
  420d1097377a1496779725bcace80d97c1131049
- SHA256
  
  b25ad1d7c8c98fe86fbc27ad44125fbfea7f0298fd81f0ac81578471dc963e8d
- SHA512
  
  d591d2549166f65b3daadf4ac911f954acc1707ef9dda69561b1cb600427cbbe955adc2dae5b3c81da72f5d8909a251ad6efc0ddc85b34c3f85b6ed9c3f3913b
- SSDEEP
  
  6144:AXGzsizpZTdcmiwq1DOl8nRI4q+pgpRjFE:A2gudcmiwr8RhSL
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer