lumma | 433b9c9d8ca325e6a58098480d9ea9193ef87ebd7275a6f4e81271f4e2220566 | Triage

Submit
Reports

Overview

overview

Static

static

1

SpotXBasic.bat

windows10-2004-x64

Sharing

General

Target

SpotXBasic.bat
Size

428B
Sample

230316-rksytade3s
MD5

86051a369086cf1fea76a3afc5372b7b
SHA1

3b787fad5b363a3193b295ce422b496892463f02
SHA256

433b9c9d8ca325e6a58098480d9ea9193ef87ebd7275a6f4e81271f4e2220566
SHA512

8e71253ea3e27560e84613f1b4313b031711601fc5c1caedc6e8519146bdf93640351af3c24266699abba3a1e7dea6932e088557b8734705def73eda87e03b3f

Score

10^/10

lumma discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

SpotXBasic.bat

Resource

win10v2004-20230220-es

lumma discovery stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  SpotXBasic.bat
- Size
  
  428B
- MD5
  
  86051a369086cf1fea76a3afc5372b7b
- SHA1
  
  3b787fad5b363a3193b295ce422b496892463f02
- SHA256
  
  433b9c9d8ca325e6a58098480d9ea9193ef87ebd7275a6f4e81271f4e2220566
- SHA512
  
  8e71253ea3e27560e84613f1b4313b031711601fc5c1caedc6e8519146bdf93640351af3c24266699abba3a1e7dea6932e088557b8734705def73eda87e03b3f
Score

10^/10

lumma discovery stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

lummadiscoverystealer

© 2018-2024

Terms | Privacy