lumma | 8604450bb4a0dcfe92852ef6b5049021a22db3cbae761cdb7adf779e83324e80 | Triage

Sharing

General

Target

Frogs_King.exe
Size

49.6MB
Sample

230401-x8cjmacb59
MD5

d40781074f5a4c00a7514f7caa5ca6f4
SHA1

ebcaa459f5d01aaf0847a8e6dea3b3dc80471a62
SHA256

8604450bb4a0dcfe92852ef6b5049021a22db3cbae761cdb7adf779e83324e80
SHA512

765de343357450a7bbb0fc7bc7058fcbc265270ef5d8345f0fb7ad75e29e8d3dd611e400ba282295e58df71651516f5b562580e5573cd5e38cb320237640d973
SSDEEP

786432:Ni3vkfZhwLuiyhJaGSVJsK/8bPbNEPDEIH453obWe+tmVae8jq5Mj2Vg2S62Fxx9:c3KZSLhsREPDEoUob5+7zibNuC67

Score

10^/10

lumma spyware stealer

Malware Config

Targets

- Target
  
  Frogs_King.exe
- Size
  
  49.6MB
- MD5
  
  d40781074f5a4c00a7514f7caa5ca6f4
- SHA1
  
  ebcaa459f5d01aaf0847a8e6dea3b3dc80471a62
- SHA256
  
  8604450bb4a0dcfe92852ef6b5049021a22db3cbae761cdb7adf779e83324e80
- SHA512
  
  765de343357450a7bbb0fc7bc7058fcbc265270ef5d8345f0fb7ad75e29e8d3dd611e400ba282295e58df71651516f5b562580e5573cd5e38cb320237640d973
- SSDEEP
  
  786432:Ni3vkfZhwLuiyhJaGSVJsK/8bPbNEPDEIH453obWe+tmVae8jq5Mj2Vg2S62Fxx9:c3KZSLhsREPDEoUob5+7zibNuC67
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer