Overview

overview

10

Static

static

1

83ce3b63cc...a5.exe

windows7-x64

10

83ce3b63cc...a5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    83ce3b63cc3b0c13d105dc98d26b511017e0ad1dd49c0ea0d8e5537a8c5cdaa5

  • Size

    7.2MB

  • Sample

    230918-nlpe8sgh9y

  • MD5

    2d0ae586e53189743bdffea705cf4cc0

  • SHA1

    636e7ff728d1cb018f972fd8baa7583086b9f0bb

  • SHA256

    83ce3b63cc3b0c13d105dc98d26b511017e0ad1dd49c0ea0d8e5537a8c5cdaa5

  • SHA512

    fad62ba8f1efab7838f1979e5d5f23a6f6381ab4e7647c702df63da4571df579d1e467cc031f0f4e38c710bcd70c1334fd01a1588136175ddf70b1274eb37383

  • SSDEEP

    196608:RaFnVisPdgqNC/eNPSTjBw+2rnHqTZqUAFPIgBe:RonV5guMvQHqtq9Z4

Score
10/10
lummaevasionstealer

Malware Config

Targets

    • Target

      83ce3b63cc3b0c13d105dc98d26b511017e0ad1dd49c0ea0d8e5537a8c5cdaa5

    • Size

      7.2MB

    • MD5

      2d0ae586e53189743bdffea705cf4cc0

    • SHA1

      636e7ff728d1cb018f972fd8baa7583086b9f0bb

    • SHA256

      83ce3b63cc3b0c13d105dc98d26b511017e0ad1dd49c0ea0d8e5537a8c5cdaa5

    • SHA512

      fad62ba8f1efab7838f1979e5d5f23a6f6381ab4e7647c702df63da4571df579d1e467cc031f0f4e38c710bcd70c1334fd01a1588136175ddf70b1274eb37383

    • SSDEEP

      196608:RaFnVisPdgqNC/eNPSTjBw+2rnHqTZqUAFPIgBe:RonV5guMvQHqtq9Z4

    Score
    10/10
    lummaevasionstealer

    • Detect Lumma Stealer payload V2

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks