Overview

overview

10

Static

static

1

Full-Best_...on.exe

windows7-x64

10

Full-Best_...on.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Full-Best_version.zip

  • Size

    5.9MB

  • Sample

    230330-jxww8sdb6z

  • MD5

    62b3f17fea93291bbd2c5b5c61fd901a

  • SHA1

    ce04fb93c0102104d06b33c961d7335dcf7fcfd7

  • SHA256

    e343adb1b48b092c8d7b7ba23c3c31d63e2e7b2642b7ee9c4002c4edb5ddb430

  • SHA512

    add4aa4b3fd430478137bd134957303ce38a392c54c2ec1525108acef6459baf57131b2ec1170d44a6b3b24323f2e6fc6ecbf1cfd67046bfefefe9879cfc3f40

  • SSDEEP

    98304:A976X8LCZskdzW6WZzD1dxPP2lVDUBXzoZnuh4NQlVbs0FM07AY98dXwzRCVCbXa:0eX4CZsk55KnZXGVABXzoZuhAabFP7lS

Score
10/10
lummaspywarestealer

Malware Config

Targets

    • Target

      Full-Best_version/Full-Best_version.exe

    • Size

      688.3MB

    • MD5

      0e9d06ed4761310d5cdf869618aa1fa6

    • SHA1

      f0ec5a8c1f366b1cc47e3038d55625394be3e007

    • SHA256

      da2fa0bdd83853e87d871d18a8e2daa42caca51de4310db06485f901078590c2

    • SHA512

      47b5e9e764084fe7fb8f72a5e3b46719dc67fa4212afce8bfab7b6fda713c1e425870f405972eceeae10b7df4e931d738682641a018f8361867d750081b2605a

    • SSDEEP

      98304:meXAdbSnlC0VEhisk/h1Qf0fk+6uvkyNNsKV:gSGWlnz

    Score
    10/10
    lummaspywarestealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks