General
-
Target
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.zip
-
Size
3.2MB
-
Sample
230321-r1e2wsbc53
-
MD5
0ccabf85ce57c2eea3f487930c184e38
-
SHA1
e72dfad774b0041fb59d7ea7f3d68452c73d1050
-
SHA256
37cc099c435c1e7451dcdff1011c33f19fde6f69764cfe143a979d23c582888b
-
SHA512
f1a58f8b17c67225aabc5e93536f36d8feec99974ab30227568cfbd2f5bfdc9384b48fcad21e525fcd14b021b399899bd24465253c3c4ddbe4c82ac581ec6142
-
SSDEEP
98304:VSYHjPK5kVsfqjyVSEDj3ycJAf9T6OGM4:zz1sf/VNjjAleN
Malware Config
Extracted
lumma
45.9.74.78
Targets
-
-
Target
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.exe
-
Size
3.3MB
-
MD5
50938be136527970c4fa9df18842ad76
-
SHA1
63ec9a2c612b57e082d27421b88d30e673e873f2
-
SHA256
199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82
-
SHA512
c2655b9e643a7d854984527d8b4260632bea369b5baf68e6718c5d638751abe249f4cc620b2ae03c6ed53705ac764f74aa36d3b950aa04e45184409b92bd275d
-
SSDEEP
98304:dcR7APDOTa07J1qEGj05rAfBuHLbhTXmdYx/t3WP:waDSjkCrAfBuHLbpmdY9t3
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-