lumma | 3e1a586aee70f56e14dc8ab2b9091723390db161f48e99d2cb225c48c4db7027 | Triage

Submit
Reports

Overview

overview

Static

static

1

0887152f91...2a.exe

windows7-x64

0887152f91...2a.exe

windows10-2004-x64

Sharing

General

Target

0887152f919c2571edb295f19263ec2a
Size

279KB
Sample

230323-gg6emadg69
MD5

0887152f919c2571edb295f19263ec2a
SHA1

6e7fda80403a379854ee856081cf4a8c861ac23f
SHA256

3e1a586aee70f56e14dc8ab2b9091723390db161f48e99d2cb225c48c4db7027
SHA512

4f93c726a9b7ceb1770d5c8caea97f7637ef25c7a05231e2f282655d792c8ce1cb91b45118c85376e83742c6eef74b8809d91b174e83bf85983aa7c81e471b86
SSDEEP

6144:7q0+dl26TjTpoCFcXnzsVeWQqU5dv9kLmnupOAI+:7qlhTpnqXnQVQq6dv9kLmupBR

Score

10^/10

lumma spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0887152f919c2571edb295f19263ec2a.exe

Resource

win7-20230220-en

lumma spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0887152f919c2571edb295f19263ec2a.exe

Resource

win10v2004-20230220-en

lumma spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

45.9.74.78

Targets

- Target
  
  0887152f919c2571edb295f19263ec2a
- Size
  
  279KB
- MD5
  
  0887152f919c2571edb295f19263ec2a
- SHA1
  
  6e7fda80403a379854ee856081cf4a8c861ac23f
- SHA256
  
  3e1a586aee70f56e14dc8ab2b9091723390db161f48e99d2cb225c48c4db7027
- SHA512
  
  4f93c726a9b7ceb1770d5c8caea97f7637ef25c7a05231e2f282655d792c8ce1cb91b45118c85376e83742c6eef74b8809d91b174e83bf85983aa7c81e471b86
- SSDEEP
  
  6144:7q0+dl26TjTpoCFcXnzsVeWQqU5dv9kLmnupOAI+:7qlhTpnqXnQVQq6dv9kLmupBR
Score

10^/10

lumma spyware stealer
- Detect Lumma Stealer payload V2
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer

© 2018-2024

Terms | Privacy