lumma | 529d5a0687df16154b93236117d4fad1da9556b6570d9373733b3f6d0339d2d6 | Triage

Submit
Reports

Overview

overview

Static

static

3

Installer 32x 64x.exe

windows10-2004-x64

Sharing

General

Target

Installer 32x 64x.7z
Size

424KB
Sample

240704-qdv9xsxcpr
MD5

b1ee3243023cae39c7af54c24307f3ff
SHA1

8f62fb32846e3711d97b0ed28730e75508fb3ef5
SHA256

529d5a0687df16154b93236117d4fad1da9556b6570d9373733b3f6d0339d2d6
SHA512

65bc557bcf115c2e0253c93703c6ba3f226cf68c5a4e7e7ff22b2a0e39c1b7ef8062ad752fbe9eeda9339c30261070157af75ac19c89057903a45c72892bb6f7
SSDEEP

12288:0eRHSWrwOUokLbDvySQge+8LGOk2/eVD1/l:4HokLbDvP3LhOk2/e1dl

Score

10^/10

lumma discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Installer 32x 64x.exe

Resource

win10v2004-20240508-en

lumma discovery spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://groundsmooors.shop/api

Targets

- Target
  
  Installer 32x 64x.exe
- Size
  
  127.5MB
- MD5
  
  3edcd74e544d3975a1cdc99f0fcdcf40
- SHA1
  
  f30ff6bcfb73cbb15935f5c00d74fd4412517464
- SHA256
  
  22c1e8e0c7938637e2cb084b4a4421640ed4ff21e562fda1e34b98032e74ede7
- SHA512
  
  18b37263d6338007407c7a3ce84689738f00335621e2738c2ba8a0e5e06f80030be46f23f437c2eed4e88d167f4a3ffaeb93990a8e4be47c00beded79c2341a9
- SSDEEP
  
  12288:W5ATYAP7BBRUokLnxgmSQ/ol8SHOC2/PzD1Aq2:YcDB0okLnxgTAWtOC2/PXs
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

lummadiscoveryspywarestealer

© 2018-2024

Terms | Privacy