General
-
Target
file.exe
-
Size
1.2MB
-
Sample
230725-wdevtsef33
-
MD5
36d4a7ec6a9ad04aa447dda96ed21611
-
SHA1
0b1e924be77688d3f2171bf36bd420f5c60d5805
-
SHA256
696808a3a7971c3af2b8a5e69803fd45c7480da8fa42711491c608d583ff4f56
-
SHA512
407e3ac77fac97cebb89aa2f99af807c9edd91aca1fbc3523aea63a60adf4d37056889dbfeae7a072a96066d11bd695f6e1001452376a9aa15fe4b9671ffe1b3
-
SSDEEP
24576:sDWv+KX/VnxU/wcXbtmRodFpVjv27dTtNcbORbRt648:8WRFxkwcp1VgdsbybR8F
Malware Config
Targets
-
-
Target
file.exe
-
Size
1.2MB
-
MD5
36d4a7ec6a9ad04aa447dda96ed21611
-
SHA1
0b1e924be77688d3f2171bf36bd420f5c60d5805
-
SHA256
696808a3a7971c3af2b8a5e69803fd45c7480da8fa42711491c608d583ff4f56
-
SHA512
407e3ac77fac97cebb89aa2f99af807c9edd91aca1fbc3523aea63a60adf4d37056889dbfeae7a072a96066d11bd695f6e1001452376a9aa15fe4b9671ffe1b3
-
SSDEEP
24576:sDWv+KX/VnxU/wcXbtmRodFpVjv27dTtNcbORbRt648:8WRFxkwcp1VgdsbybR8F
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-