Overview

overview

10

Static

static

1

Setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    56.5MB

  • Sample

    230401-apmtxsef99

  • MD5

    e1b0653393170d747aeb19bf8272c6c2

  • SHA1

    f9c6bdad9909324e0ed1d64f36212f011e7717e6

  • SHA256

    4a088011e8944795b6f08e057d96fd171bc39dc39aec293c9abe88956af6688f

  • SHA512

    09f88fc077427759272a7d5c7befdf46246ea884ad07ab7475681527fb6749f9a6224aaa55c40125646a902044a46f11f0e866e588fef7c860448bdce373fce4

  • SSDEEP

    786432:c7v+nGMHGwpylrl553CfhQl/78QUR7Gy7RAxsmITaiXlC2RHeNpCbiHLCTl/irm7:pG8pMl7y5Qly1R6sQVfptrCcrm7

Score
10/10
lummaspywarestealer

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      56.5MB

    • MD5

      e1b0653393170d747aeb19bf8272c6c2

    • SHA1

      f9c6bdad9909324e0ed1d64f36212f011e7717e6

    • SHA256

      4a088011e8944795b6f08e057d96fd171bc39dc39aec293c9abe88956af6688f

    • SHA512

      09f88fc077427759272a7d5c7befdf46246ea884ad07ab7475681527fb6749f9a6224aaa55c40125646a902044a46f11f0e866e588fef7c860448bdce373fce4

    • SSDEEP

      786432:c7v+nGMHGwpylrl553CfhQl/78QUR7Gy7RAxsmITaiXlC2RHeNpCbiHLCTl/irm7:pG8pMl7y5Qly1R6sQVfptrCcrm7

    Score
    10/10
    lummaspywarestealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Process Discovery

1
T1057

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks