lumma | 0666cc1ee4d34bc0f386d67e4a8306eb50ac9ff22d9b2b407a90f256e79a2ee3 | Triage

Submit
Reports

Overview

overview

Static

static

1

Synapse Launcher.exe

windows10-1703-x64

Sharing

General

Target

Synapse Launcher.exe
Size

787KB
Sample

230331-yf2tgsec4z
MD5

334175a89a5a82a7011b1a545a7db01f
SHA1

9a4863ad30b66796eccfdad453658f62886a6245
SHA256

0666cc1ee4d34bc0f386d67e4a8306eb50ac9ff22d9b2b407a90f256e79a2ee3
SHA512

af085b6b9c5308329411349debf5997585a73fdad09eb239536f74ba1f8b0c0f80bc1010e08bfeb1b3e83ad129e6c5a77d86398ceda86b712be1062d5d004bfe
SSDEEP

6144:oZokZ36h3AJIzpcRIjkoxEHrevwgQpLPCBhcJah8A/qlu1sYFz6ktJ3MxFZ4azWO:o+kGkoqdpeBiJM1bFz6egFZEZSepJ

Score

10^/10

lumma evasion stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Synapse Launcher.exe

Resource

win10-20230220-en

lumma evasion stealer trojan

windows10-1703-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  Synapse Launcher.exe
- Size
  
  787KB
- MD5
  
  334175a89a5a82a7011b1a545a7db01f
- SHA1
  
  9a4863ad30b66796eccfdad453658f62886a6245
- SHA256
  
  0666cc1ee4d34bc0f386d67e4a8306eb50ac9ff22d9b2b407a90f256e79a2ee3
- SHA512
  
  af085b6b9c5308329411349debf5997585a73fdad09eb239536f74ba1f8b0c0f80bc1010e08bfeb1b3e83ad129e6c5a77d86398ceda86b712be1062d5d004bfe
- SSDEEP
  
  6144:oZokZ36h3AJIzpcRIjkoxEHrevwgQpLPCBhcJah8A/qlu1sYFz6ktJ3MxFZ4azWO:o+kGkoqdpeBiJM1bFz6egFZEZSepJ
Score

10^/10

lumma evasion stealer trojan
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Downloads MZ/PE file
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaevasionstealertrojan

© 2018-2024

Terms | Privacy