General

  • Target

    config (1).exe

  • Size

    63.9MB

  • Sample

    230425-cy2qjsga28

  • MD5

    5908e3e43cd13a7817ebc00e84726011

  • SHA1

    2bb84721c2a5599bf0d10f1478abff751ed63287

  • SHA256

    fee404652393a455c84216d7c761c369b4a560401d4016911d247dcd78b2a81b

  • SHA512

    fafb2e54bf38c43fb5cdea0ddd8b1e6ad58ac72b8c53ae2f62ad3cf2dd8f89d37741348098ff648230968e741e3f33bbc04da6649e52edb25a9e8f1cd526f2d4

  • SSDEEP

    1572864:WjddrbW1laQ3/mx+LeHP79ZN7ER0H93h2XXo4oI:KfWWQ3K2wPJr6O5CXF7

Score
10/10

Targets

    • Target

      config (1).exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
