Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    24e8e618ddeba28efb95b1e6a2b574879eabb48948f19a0e3bb3e6b2bf3e27fa

  • Size

    988KB

  • Sample

    230322-r76s7abd2t

  • MD5

    4aa21293162188635cf4d4ef626f367c

  • SHA1

    c3e2de0f1a01f2b256ed977234fba29a2e1e9e60

  • SHA256

    24e8e618ddeba28efb95b1e6a2b574879eabb48948f19a0e3bb3e6b2bf3e27fa

  • SHA512

    6d8fb337d8dd9126ee28d51380e7ef0d1f4e6b0450e6d61632db628a9d722832f1ae8ea91470ea5c5e0e15b06a6a01e52b617d8cb1965addb97ffc55272af5fd

  • SSDEEP

    12288:i6T+g+TFMg3gNuFSjwgPcb7Ge/8FM+9sQUsU0RDOOtKq0A3LZjBgsJPurYEKvl:Wg+TNgyWM/hU1JU0RDOOx0Q1jBarYE

Score
10/10
lummadiscoveryspywarestealer

Malware Config

Extracted

Family

lumma

C2

82.117.255.80

Targets

    • Target

      24e8e618ddeba28efb95b1e6a2b574879eabb48948f19a0e3bb3e6b2bf3e27fa

    • Size

      988KB

    • MD5

      4aa21293162188635cf4d4ef626f367c

    • SHA1

      c3e2de0f1a01f2b256ed977234fba29a2e1e9e60

    • SHA256

      24e8e618ddeba28efb95b1e6a2b574879eabb48948f19a0e3bb3e6b2bf3e27fa

    • SHA512

      6d8fb337d8dd9126ee28d51380e7ef0d1f4e6b0450e6d61632db628a9d722832f1ae8ea91470ea5c5e0e15b06a6a01e52b617d8cb1965addb97ffc55272af5fd

    • SSDEEP

      12288:i6T+g+TFMg3gNuFSjwgPcb7Ge/8FM+9sQUsU0RDOOtKq0A3LZjBgsJPurYEKvl:Wg+TNgyWM/hU1JU0RDOOx0Q1jBarYE

    Score
    10/10
    lummadiscoveryspywarestealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

3
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

3
T1005

Exfiltration

Command and Control

Impact

Tasks