General

  • Target

    config.exe

  • Size

    63.9MB

  • Sample

    230425-b5fk8ahf2v

  • MD5

    c24a6b61340f71366439cb24ccd89ed1

  • SHA1

    8c87a3280d9888712959a46524d92b43a98ce58d

  • SHA256

    8bd9408e7452badf264cb58176b1c9df4eb358dfba783d2fd72955a38ae7a2a5

  • SHA512

    d3731915b7de71f5f5eb337cd11c2bb21516764f2aa4b8f9fd0575324fb60d6e02c958e41f742ab118228116a263ce4bfac9b76f0ea6d71393b79ee3fbfd6f7b

  • SSDEEP

    1572864:FjddrbW1laQ3/mx+LeHP79ZN7ER0H93h2XXo4oI:9fWWQ3K2wPJr6O5CXF7

Score
10/10

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks