General

  • Target: install.rar
  • Size: 1.2MB
  • Sample: 230502-a7dc7sba6y
  • MD5: 086f77a230b490aebc4cc15655dbb9ec
  • SHA1: aafbca7f90bc19d3962da53c8f1d1f6127308021
  • SHA256: 191e92a29c5c5fe6c3698670bc2ae595c2c6e2a1f4a836611012637d9b202245
  • SHA512: 236372fc94e79f06d8175ab5be09e7dfc7984bcf87d9a17ad6774a4f2fc6066c058fbde5472b8d72bdd76324b9c4e6df9a0621b2d9dd65755bac900fbce09a81
  • SSDEEP: 24576:XYQei130hwcDacmjcW+yQOvhB4aUwZ4WK+xpKoie56zf5x2JS9zpJLG6O8zN:IHi1gwcOcmjT+jO34lwZ4v+7K2Wx2Gu2

Malware Config

Targets

    • Target: Setup.exe
    • Size: 1020.0MB
    • MD5: cba88743c935ef74db724e3790602caf
    • SHA1: 88d3dba8083e3b8da10dc009a6e8de25112964b6
    • SHA256: 53db2ad4017ccd89ae8e33434f3718eafb479f5cc4ace193c4a3638fba23ff2a
    • SHA512: 5bac170accdc95e8945c5909992a0b535db246025395fbd1956b40f28d8b9b8b20b1e3c01567788b8f4f567bb26c0479133a5acc1e59d00e26c7314f97d4e095
    • SSDEEP: 12288:OK9Pbn+2NqQZQOR9NcWPaqA3rkg6gEFOsDq5m1vD:l9PFNqQZQOS6at3k1FDu5m5

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Reads user/profile data of local email clients

      Email clients store account and profile data on disk, where infostealers commonly harvest it.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and similar data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates installed software by reading the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its HKCU and Wow6432Node counterparts).

MITRE ATT&CK Enterprise v6
