General

  • Target

    k3265.exe

  • Size

    384KB

  • Sample

    230501-nxyhaafd36

  • MD5

    16bc9a47111e437a3aefa392b221162b

  • SHA1

    c4a6fd77b8950973201d03e9c0c54a7163d115a3

  • SHA256

    921f7e253498c76694e9e8a7cde9552ef163f1292692781e23a272c7ad0bbb92

  • SHA512

    a395a940012f79960a9fa84c734652f3d52fa153b7938d4974c1f41aadab40c18dc6c4a586e530b650bcd58be2e5371445b8a58e34d01a964c9c77ddf0ed611f

  • SSDEEP

    6144:2cUHt3SGN+ZxLnrmhMWJm2FhpLzFs6OtPxA2i84u57Ftxb/:tUHtCzZxLnrmDJpjsbt5A2lhXxb

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks