lumma | cf325a72e4dd035cbbdca3eaaa40861c8ed591b4f673279a1ab27c5d8f08339e | Triage

Sharing

General

Target

mustafayilmazruhsat.pdf.exe
Size

56.5MB
Sample

230321-21bdtade99
MD5

4f0d50a61f33a69cef26746404fb2f6b
SHA1

bf4d4d004ea695a8a3401d9d45d585e49ec1e3cf
SHA256

cf325a72e4dd035cbbdca3eaaa40861c8ed591b4f673279a1ab27c5d8f08339e
SHA512

fc5dfd2ab8a94fde8d084c4a07851a24ab7f6c902c471440886ee9cbb5dd29bb1c966e20ff6d131983ca965e6c7d34cf93641384f7677fbcdcd37a6e54c4a62b
SSDEEP

1572864:wG8pczWPdH6+Ek52A12dF+7bsBq2ubcDy6b7:NMCfvA12uIY9YD77

Score

10^/10

lumma spyware stealer

Malware Config

Targets

- Target
  
  mustafayilmazruhsat.pdf.exe
- Size
  
  56.5MB
- MD5
  
  4f0d50a61f33a69cef26746404fb2f6b
- SHA1
  
  bf4d4d004ea695a8a3401d9d45d585e49ec1e3cf
- SHA256
  
  cf325a72e4dd035cbbdca3eaaa40861c8ed591b4f673279a1ab27c5d8f08339e
- SHA512
  
  fc5dfd2ab8a94fde8d084c4a07851a24ab7f6c902c471440886ee9cbb5dd29bb1c966e20ff6d131983ca965e6c7d34cf93641384f7677fbcdcd37a6e54c4a62b
- SSDEEP
  
  1572864:wG8pczWPdH6+Ek52A12dF+7bsBq2ubcDy6b7:NMCfvA12uIY9YD77
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer

behavioral3

lummaspywarestealer