lumma | 7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b | Triage

Submit
Reports

Overview

overview

Static

static

1

a8001f151c...89.exe

windows7-x64

a8001f151c...89.exe

windows10-2004-x64

Sharing

General

Target

a8001f151c1ce13aac56097a2bf1f789.exe
Size

3.9MB
Sample

230328-v9flkacc65
MD5

a8001f151c1ce13aac56097a2bf1f789
SHA1

414d9f4219570bc75eb6e6cf2932c4fb407afa56
SHA256

7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b
SHA512

9c20f91c378d9559f6e5115857401def02145bb665a4c64f7842175b077bb6406544caa8197c9713f9b22943ffd87405beb809cf0e684c53b934acfe8d421060
SSDEEP

49152:ZHVpQMSWLLKUmQUSgYaNrb5c90DNQdjK/c0kCs:Z1pjSWL5

Score

10^/10

lumma spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

a8001f151c1ce13aac56097a2bf1f789.exe

Resource

win7-20230220-en

lumma spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8001f151c1ce13aac56097a2bf1f789.exe

Resource

win10v2004-20230220-en

lumma spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a8001f151c1ce13aac56097a2bf1f789.exe
- Size
  
  3.9MB
- MD5
  
  a8001f151c1ce13aac56097a2bf1f789
- SHA1
  
  414d9f4219570bc75eb6e6cf2932c4fb407afa56
- SHA256
  
  7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b
- SHA512
  
  9c20f91c378d9559f6e5115857401def02145bb665a4c64f7842175b077bb6406544caa8197c9713f9b22943ffd87405beb809cf0e684c53b934acfe8d421060
- SSDEEP
  
  49152:ZHVpQMSWLLKUmQUSgYaNrb5c90DNQdjK/c0kCs:Z1pjSWL5
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer

© 2018-2024

Terms | Privacy