General

  • Target

    malware.exe

  • Size

    160KB

  • Sample

    230424-rgfjbacc46

  • MD5

    5aac51312dfd99bf4e88be482f734c79

  • SHA1

    9ac88b93fee8f888cabc3d0c9d81507c6dad7498

  • SHA256

    9b742a890aff9c7a2b54b620fe5e1fcfa553648695d79c892564de09b850c92b

  • SHA512

    e185b12895a5ca622a8b5d213b5aee1e80cbb9327471c3fe618d0d570747c9f35f7faf6b706c80f4f5d21180666eebf01ea9097d2dc804b70830a86dc953fa54

  • SSDEEP

    3072:5IqizaJT9Sb9GmSYyqnt3JrUsk/IKdDIgACJpCTwXOaObJ0GkLVVzODF2:bv9ip9+eKJvp4wXzO/J2

Score
10/10

Malware Config

Extracted

Family

lumma

C2

195.123.226.91

Targets

    • Target

      malware.exe

    • Size

      160KB

    • MD5

      5aac51312dfd99bf4e88be482f734c79

    • SHA1

      9ac88b93fee8f888cabc3d0c9d81507c6dad7498

    • SHA256

      9b742a890aff9c7a2b54b620fe5e1fcfa553648695d79c892564de09b850c92b

    • SHA512

      e185b12895a5ca622a8b5d213b5aee1e80cbb9327471c3fe618d0d570747c9f35f7faf6b706c80f4f5d21180666eebf01ea9097d2dc804b70830a86dc953fa54

    • SSDEEP

      3072:5IqizaJT9Sb9GmSYyqnt3JrUsk/IKdDIgACJpCTwXOaObJ0GkLVVzODF2:bv9ip9+eKJvp4wXzO/J2

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks