lumma | 6d0fee7a64435cda0b8ac5652c5a19e9e284514bec8110ae7c02341dcc3e1277 | Triage

Sharing

General

Target

e6b8cfb15c6fce9abcea7a716345d537.exe
Size

1.3MB
Sample

230817-w12ccaca48
MD5

e6b8cfb15c6fce9abcea7a716345d537
SHA1

c56b60c650439c124b403e31aced45c584ecdd7b
SHA256

6d0fee7a64435cda0b8ac5652c5a19e9e284514bec8110ae7c02341dcc3e1277
SHA512

e0163f07a996590e04340b61c3facbc2b5030936028f2ae6bb648b57fadaf2a74d2e8aea29a6eb1b6ff33058feb878f5003609b4bba018c7312c5762f1c84cc1
SSDEEP

24576:fk+bHOG7WsijczZPUIuAYfc48SCkbNY/:s+buG7B6cmHAYfgsY

Score

10^/10

lumma spyware stealer

Malware Config

Targets

- Target
  
  e6b8cfb15c6fce9abcea7a716345d537.exe
- Size
  
  1.3MB
- MD5
  
  e6b8cfb15c6fce9abcea7a716345d537
- SHA1
  
  c56b60c650439c124b403e31aced45c584ecdd7b
- SHA256
  
  6d0fee7a64435cda0b8ac5652c5a19e9e284514bec8110ae7c02341dcc3e1277
- SHA512
  
  e0163f07a996590e04340b61c3facbc2b5030936028f2ae6bb648b57fadaf2a74d2e8aea29a6eb1b6ff33058feb878f5003609b4bba018c7312c5762f1c84cc1
- SSDEEP
  
  24576:fk+bHOG7WsijczZPUIuAYfc48SCkbNY/:s+buG7B6cmHAYfgsY
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lummaspywarestealer

behavioral2

lummaspywarestealer