General

  • Target

    .

  • Size

    22KB

  • Sample

    230501-3atyxaah5t

  • MD5

    dd2f55b0492956acfd9f4972e794eb3f

  • SHA1

    e69c240317c144a3a8cdc0c17b379ef362e27bda

  • SHA256

    d46d805b7c4c7444fc333409dbbc6fab1e29dc385d9983cc3dd33f8ba4fb316d

  • SHA512

    5e251549fec3702ce7b1476feb50d13f51093533922ced2f6b103241dd276a29cb3431adf5f1842429fca502d996ecbd8305d13d32c9bd877c2f9d8fc09b0d0a

  • SSDEEP

    384:YpQpDivGm0afxjk4FDG/UUsLlK0PF0lvTzspkM:qB+UFATzsJ

Score
10/10

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks