General

  • Target

    SetupVoidOfSpace.exe

  • Size

    64.0MB

  • Sample

    230424-j5tf3saf83

  • MD5

    4ed5e518b5ab8bdf2cf4dc73eb0e5ece

  • SHA1

    71f6a22a3445014cc53351cfaa1de35f314eacb8

  • SHA256

    5b7962400afa8883c09db62027b18e60245d47ecb04d56bae5427f4850f4cf23

  • SHA512

    0db0ccb8bab916d4ca43d9f9c9f44857e735797f21cc1f19d3bad4a44e0e7a4e160a124be064b7ef13e3fef76e6084ac15c032c38fe1efe2da76d944f590b26e

  • SSDEEP

    1572864:FjddrbWLcsPCVSmq1acW5XHU7IYbIBDDtAF+XuOAw7zjanf:9fWAsPlZghHU8r4sXYcjanf

Score
10/10

Targets

    • Target

      SetupVoidOfSpace.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
