lumma | d8b6bf6b66f9db15567b43e5b725a2cd5fa74854f4b2e715f58ee6ae44488f02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d8b6bf6b66f9db15567b43e5b725a2cd5fa74854f4b2e715f58ee6ae44488f02.exe
Size

1.5MB
Sample

231126-qllqfshe6x
MD5

c0495cb1e372a65254ddaf43736cadff
SHA1

a51ac30d1719516dfe5c93a35600de04ca467b1a
SHA256

d8b6bf6b66f9db15567b43e5b725a2cd5fa74854f4b2e715f58ee6ae44488f02
SHA512

0888ac46ca6329e5d7d53c5dfd4a65c98ea58daa48423dddd5c1658dfe7240a2a733dec0f34493a229bc0197134bab132dbebce2d4f9ffe4186d79f7db9163d4
SSDEEP

24576:/spUqF2JAwTDWLGf7ROqn2qepppWuedVrB/TI8beGQKM1:/awPWLGf7MqnEpuTVrdk8bHRM1

Score

10^/10

lumma spyware stealer

Malware Config

Targets

- Target
  
  d8b6bf6b66f9db15567b43e5b725a2cd5fa74854f4b2e715f58ee6ae44488f02.exe
- Size
  
  1.5MB
- MD5
  
  c0495cb1e372a65254ddaf43736cadff
- SHA1
  
  a51ac30d1719516dfe5c93a35600de04ca467b1a
- SHA256
  
  d8b6bf6b66f9db15567b43e5b725a2cd5fa74854f4b2e715f58ee6ae44488f02
- SHA512
  
  0888ac46ca6329e5d7d53c5dfd4a65c98ea58daa48423dddd5c1658dfe7240a2a733dec0f34493a229bc0197134bab132dbebce2d4f9ffe4186d79f7db9163d4
- SSDEEP
  
  24576:/spUqF2JAwTDWLGf7ROqn2qepppWuedVrB/TI8beGQKM1:/awPWLGf7MqnEpuTVrdk8bHRM1
Score

10^/10

spyware lumma stealer
- Detect Lumma Stealer payload V2
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummaspywarestealer