General
-
Target
1915d244bae2707f6531ea7ffc0fb7708f7cafcf2aa354223ea8112064b18eaf
-
Size
381KB
-
Sample
230716-jed9gada52
-
MD5
ab9327fce682d578e28456820e0d9baa
-
SHA1
48696ea54a5960a3f9bbbf96819a150ad93c33c1
-
SHA256
1915d244bae2707f6531ea7ffc0fb7708f7cafcf2aa354223ea8112064b18eaf
-
SHA512
dcfd05aeb32c42dd9b25c11e214fa7b9aac96c1bdb747ee71487bdce9f58cb6c691bb3266cd3f752b2abd83f9b17d297a767751bf14123dfc14820fb2cb6eaab
-
SSDEEP
6144:uL7hfgYIwTFqa6OL93LfhvWbU7VGz7VeCuq/WQomNaTvjF:uHhoYIwTFgaLfsbe+ReCuq/3Mb
Malware Config
Extracted
lumma
gstatic-node.io
Targets
-
-
Target
1915d244bae2707f6531ea7ffc0fb7708f7cafcf2aa354223ea8112064b18eaf
-
Size
381KB
-
MD5
ab9327fce682d578e28456820e0d9baa
-
SHA1
48696ea54a5960a3f9bbbf96819a150ad93c33c1
-
SHA256
1915d244bae2707f6531ea7ffc0fb7708f7cafcf2aa354223ea8112064b18eaf
-
SHA512
dcfd05aeb32c42dd9b25c11e214fa7b9aac96c1bdb747ee71487bdce9f58cb6c691bb3266cd3f752b2abd83f9b17d297a767751bf14123dfc14820fb2cb6eaab
-
SSDEEP
6144:uL7hfgYIwTFqa6OL93LfhvWbU7VGz7VeCuq/WQomNaTvjF:uHhoYIwTFgaLfsbe+ReCuq/3Mb
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-