lumma | 79b3ac409a9055874273e9de666f82b7885be3e3166f796b6ec484e04451b96c | Triage

Sharing

General

Target

Snake_V2.exe
Size

49.7MB
Sample

230322-vga6daca6y
MD5

748531f9e1702e07a66522ee7d62c975
SHA1

4d07042d32a5b620f58826ddfbb40594af2f7a64
SHA256

79b3ac409a9055874273e9de666f82b7885be3e3166f796b6ec484e04451b96c
SHA512

9f5aab9985e08ac8050f98fb1fa338104114fe01ccaaf2cd50cd1c12bf9fb01e13673b0f5d3b6016a61e2347db1e5843059f13243becd02df5bb7a78732a78c8
SSDEEP

786432:hxq66kthJaImWlZuEl+zWxoISnYhspl78uiKplppa0o8SM2riBEnT0lWA0G9O7B7:y4CWfRD2IwYhsHT57xo8SM2+OQWAJIl7

Score

10^/10

lumma spyware stealer

Malware Config

Targets

- Target
  
  Snake_V2.exe
- Size
  
  49.7MB
- MD5
  
  748531f9e1702e07a66522ee7d62c975
- SHA1
  
  4d07042d32a5b620f58826ddfbb40594af2f7a64
- SHA256
  
  79b3ac409a9055874273e9de666f82b7885be3e3166f796b6ec484e04451b96c
- SHA512
  
  9f5aab9985e08ac8050f98fb1fa338104114fe01ccaaf2cd50cd1c12bf9fb01e13673b0f5d3b6016a61e2347db1e5843059f13243becd02df5bb7a78732a78c8
- SSDEEP
  
  786432:hxq66kthJaImWlZuEl+zWxoISnYhspl78uiKplppa0o8SM2riBEnT0lWA0G9O7B7:y4CWfRD2IwYhsHT57xo8SM2+OQWAJIl7
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2