General

  • Target: install.exe
  • Size: 63.9MB
  • Sample: 230429-hl4bhaab39
  • MD5: cb2abc7522b793249219d353396096ec
  • SHA1: 758ece303d6837f45ec854978d1d5fd7392da1a0
  • SHA256: d5a5109227e496903769c677b0d1634154acf601a742182678293561522d333b
  • SHA512: c3c9b8b13e55df6542d7ef4df6b4494358821d52e03a1d1149999866557ea6834eec9650e0d67cc913f7627d733d3bb455f6e3fea3fe0c841947dd1b29bdabac
  • SSDEEP: 1572864:zjddGvLsQPJNVR/JqRlSqyNeCEbnTMwyqlynDRxLB27:nGvYEvV70586Ywxlm7L47

Score: 10/10

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v6

Tasks