General

  • Target

    0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7.bin

  • Size

    347KB

  • Sample

    230430-2n211aha4v

  • MD5

    3d8355387b7305937c7ab0fae40f88f0

  • SHA1

    d960387d8ba7646603d1fde26754e6ecbbd7607a

  • SHA256

    0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7

  • SHA512

    a9b58c7343bc31627fb15a936477c47a62e95b6aeb5b7209dae34c29a50eb43578de625a14b5545b7eb8b15bc7ea3a33e35b38285314c6612a816e02cb6d23ac

  • SSDEEP

    3072:Klla9+yI3TPHKD93XipyCWXmauX5IjPVSmt9fBHeylilSDcTif1Zl+DNwoqLT4Bt:KfrKD93XwVVwV7gBlSDgif1aDsmb9EB

Malware Config

Targets

    • Target

      0fda4f105bb07160230e01ad78c1010ac7ab828eb3f0f2724cef1ee93fd5d5f7.bin

    • Lumma Stealer

      Lumma Stealer (also tracked as LummaC2) is an infostealer written in C++ and first seen in August 2022.

    • Reads user/profile data of local email clients

      Email clients store account settings and saved credentials on disk in their profile directories; infostealers commonly harvest these files.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates installed software by reading the registry Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, the WOW6432Node counterpart and the per-user HKCU key). Infostealers use this to fingerprint the host and to locate wallets, browsers and security products worth targeting.
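
    The behaviours listed above (Uninstall-key enumeration, browser and email profile reads, wallet file access) are individually common in benign software, so a practical detection correlates them per process. The script below is an added example written for this page, not part of the sandbox report or of any vendor tooling. It scores each process by how many distinct infostealer-typical data stores it touches over a constructed set of EDR-style file and registry events; the event dict layout, the path patterns and the owner allowlist are assumptions to be adapted to real telemetry.

```python
"""Correlate infostealer-typical data-store access per process.

Added example; not from the sandbox report. The event format below is an
assumption modelled on EDR/Sysmon-style file-read and registry-query telemetry.
"""
import re
from collections import defaultdict

# On-disk locations typically targeted by infostealers. The list is an
# assumption based on well-known paths; extend it for your environment.
CATEGORY_PATTERNS = {
    "installed_software": [
        r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    ],
    "browser": [
        r"\\Google\\Chrome\\User Data\\.*\\(Login Data|Web Data|Cookies)$",
        r"\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
    ],
    "email": [
        r"\\Thunderbird\\Profiles\\",
        r"\\Microsoft\\Outlook\\",
    ],
    "wallet": [
        r"\\Exodus\\exodus\.wallet(\\|$)",
        r"\\Electrum\\wallets(\\|$)",
        r"\\Ethereum\\keystore(\\|$)",
        r"\\wallet\.dat$",
    ],
}
COMPILED = {
    cat: [re.compile(p, re.IGNORECASE) for p in pats]
    for cat, pats in CATEGORY_PATTERNS.items()
}

# Processes that legitimately own a category's data; their own reads are
# not evidence of theft.
OWNERS = {
    "browser": {"chrome.exe", "firefox.exe", "msedge.exe"},
    "email": {"thunderbird.exe", "outlook.exe"},
}


def categorize(target):
    """Return the sensitive-data category a file or registry path falls into, or None."""
    target = target.replace("/", "\\")
    for cat, pats in COMPILED.items():
        if any(p.search(target) for p in pats):
            return cat
    return None


def score_events(events):
    """Map (pid, image) -> set of categories touched, ignoring each category's owner process."""
    hits = defaultdict(set)
    for ev in events:
        cat = categorize(ev["target"])
        if cat is None or ev["image"].lower() in OWNERS.get(cat, set()):
            continue
        hits[(ev["pid"], ev["image"])].add(cat)
    return dict(hits)


def flag_processes(events, threshold=2):
    """Processes touching at least `threshold` distinct categories, as (pid, image, sorted categories)."""
    return sorted(
        (pid, image, sorted(cats))
        for (pid, image), cats in score_events(events).items()
        if len(cats) >= threshold
    )


# Constructed sample telemetry (not real log data): one stealer-like process,
# an installer reading Uninstall keys, and a browser reading its own store.
SAMPLE_EVENTS = [
    {"pid": 4120, "image": "sample.exe", "op": "RegQueryValue",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"},
    {"pid": 4120, "image": "sample.exe", "op": "FileRead",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 4120, "image": "sample.exe", "op": "FileRead",
     "target": r"C:\Users\alice\AppData\Roaming\Thunderbird\Profiles\k3x.default\logins.json"},
    {"pid": 4120, "image": "sample.exe", "op": "FileRead",
     "target": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 2288, "image": "msiexec.exe", "op": "RegQueryValue",
     "target": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{GUID}\Version"},
    {"pid": 5504, "image": "chrome.exe", "op": "FileRead",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 1776, "image": "notepad.exe", "op": "FileRead",
     "target": r"C:\Users\alice\Documents\notes.txt"},
]

if __name__ == "__main__":
    for pid, image, cats in flag_processes(SAMPLE_EVENTS):
        print(f"pid {pid} ({image}) touched: {', '.join(cats)}")
```

    Only sample.exe is flagged: msiexec.exe reads Uninstall keys alone, and chrome.exe is excused as the owner of its own Login Data. Keep the per-category allowlist narrow; a stealer injected into a browser process would inherit the exemption, so pair this with process-integrity checks rather than relying on the image name alone.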

MITRE ATT&CK Enterprise v6

Tasks