lumma | a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928 | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

Sharing

General

Target

a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
Size

7.1MB
Sample

240704-2naazswbpd
MD5

d0e0173cc55e6c05976a99c9184e8e7b
SHA1

e6dff80e3fbc138669f2a00d980e56c90168b596
SHA256

a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
SHA512

ffa0cfb950354fdfa2e95fe3b0c0ac12780904658fafbb88967be5cd0a208db7ff79c22deef99b0971554348067ea652fc32dc6d36f1118d772d1caf4f43abb2
SSDEEP

49152:g/BXLTVIEpSDDXjDU9oAlGSQcqLMmVssAbVSrpcWPME0d0GGlzuO3NzAojj05EiT:CdnV1azs9oAuW7s2FE0/GlS1EV+s9QO

Score

10^/10

lumma spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928.exe

Resource

win7-20240419-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral2

Sample

a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928.exe

Resource

win10-20240404-en

lumma spyware stealer

windows10-1703-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

lumma

C2

https://invisibledovereats.shop/api

Targets

- Target
  
  a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
- Size
  
  7.1MB
- MD5
  
  d0e0173cc55e6c05976a99c9184e8e7b
- SHA1
  
  e6dff80e3fbc138669f2a00d980e56c90168b596
- SHA256
  
  a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
- SHA512
  
  ffa0cfb950354fdfa2e95fe3b0c0ac12780904658fafbb88967be5cd0a208db7ff79c22deef99b0971554348067ea652fc32dc6d36f1118d772d1caf4f43abb2
- SSDEEP
  
  49152:g/BXLTVIEpSDDXjDU9oAlGSQcqLMmVssAbVSrpcWPME0d0GGlzuO3NzAojj05EiT:CdnV1azs9oAuW7s2FE0/GlS1EV+s9QO
Score

10^/10

lumma spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

lummaspywarestealer

© 2018-2024

Terms | Privacy