lumma | d5bb5a62332437da3aa5e35550aece0d093afdf733bfd6a5043485805a5d2b63 | Triage

Sharing

General

Target

d5bb5a62332437da3aa5e35550aece0d093afdf733bfd6a5043485805a5d2b63
Size

285KB
Sample

230217-f7cpkade3z
MD5

02fc337e57a8c0b6207cdfdb64ac9e40
SHA1

94b06be8f63477aa80872662f6b968e1e8ab4b28
SHA256

d5bb5a62332437da3aa5e35550aece0d093afdf733bfd6a5043485805a5d2b63
SHA512

524f94409da4877a6a76cbc0971ca53b359466cb9b46adb6dfe0c2b5784763fa6dd36725ec67695158776cf3999a588ac055759062fda70d99a82c0772f62bcf
SSDEEP

3072:tbmNJ6YloLt5pEWerboo4gVJ9WmRKLcGQfhcFOQu1wIhERpwLzHPVKv:VgJULtfevvVjDoLbdF3eIwLzHQ

Score

10^/10

lumma discovery spyware stealer

Malware Config

Targets

- Target
  
  d5bb5a62332437da3aa5e35550aece0d093afdf733bfd6a5043485805a5d2b63
- Size
  
  285KB
- MD5
  
  02fc337e57a8c0b6207cdfdb64ac9e40
- SHA1
  
  94b06be8f63477aa80872662f6b968e1e8ab4b28
- SHA256
  
  d5bb5a62332437da3aa5e35550aece0d093afdf733bfd6a5043485805a5d2b63
- SHA512
  
  524f94409da4877a6a76cbc0971ca53b359466cb9b46adb6dfe0c2b5784763fa6dd36725ec67695158776cf3999a588ac055759062fda70d99a82c0772f62bcf
- SSDEEP
  
  3072:tbmNJ6YloLt5pEWerboo4gVJ9WmRKLcGQfhcFOQu1wIhERpwLzHPVKv:VgJULtfevvVjDoLbdF3eIwLzHQ
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoveryspywarestealer