lumma | 9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

General

Target

9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204
Size

290KB
Sample

230714-3r3x5sgd76
MD5

6d35d4cb11e99f8645441b0f1f96da3d
SHA1

3b6e12da0c1c37d38db867ab6330ace34461c56a
SHA256

9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204
SHA512

01b5b75ce608f55f70c6471bb20f0a248116ef902f4bd602b5cf11fed747e0af9b811fbe74d393895672806f2b525900c6cef0ce889229d27032683a5e591aa4
SSDEEP

6144:bLpjxNBiWYJ+KZfQWi3E+sT3YswnFknEf9zdCRnFtDQFr:bNxN4nEKZoWiUHTPe3ft2Ft8F

Score

10^/10

lumma discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204.exe

Resource

win10-20230703-en

lumma discovery spyware stealer

windows10-1703-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

gstatic-node.io

Targets

- Target
  
  9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204
- Size
  
  290KB
- MD5
  
  6d35d4cb11e99f8645441b0f1f96da3d
- SHA1
  
  3b6e12da0c1c37d38db867ab6330ace34461c56a
- SHA256
  
  9066d830ae21197499f19a044054b0ea96f5be17cbb246714e15f36f32312204
- SHA512
  
  01b5b75ce608f55f70c6471bb20f0a248116ef902f4bd602b5cf11fed747e0af9b811fbe74d393895672806f2b525900c6cef0ce889229d27032683a5e591aa4
- SSDEEP
  
  6144:bLpjxNBiWYJ+KZfQWi3E+sT3YswnFknEf9zdCRnFtDQFr:bNxN4nEKZoWiUHTPe3ft2Ft8F
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummadiscoveryspywarestealer

© 2018-2024

Terms | Privacy