lumma | 85356bb669ec17503e48ca457e99347f5386ba644fba9d638d4188a7b4970153 | Triage

Submit
Reports

Overview

overview

Static

static

3

qeUaxJCA3FO.exe

windows10-2004-x64

Sharing

General

Target

qeUaxJCA3FO.exe
Size

518KB
Sample

240704-r1fneszfka
MD5

efc76b9581da08661c9c91c2a6e7d289
SHA1

ef7674fe136d80308a44d99ac72b8be550604110
SHA256

85356bb669ec17503e48ca457e99347f5386ba644fba9d638d4188a7b4970153
SHA512

b2d3432b68b227a5ad64faf6cc789f32ab2234a070c25393849c3d170616a125c1c3c82e18a7952b3ddd3a0024ff845c67aa67ce9b011b9cd9b74e093fc4e5d1
SSDEEP

12288:MnUGt+HbHe5BjPORtvLP9qpbY7/2E1yItd2ybSLxWP1yh:Mnncbs1PODZqpBCSiS8Pg

Score

10^/10

lumma discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

qeUaxJCA3FO.exe

Resource

win10v2004-20240611-en

lumma discovery spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://bitchsafettyudjwu.shop/api

Targets

- Target
  
  qeUaxJCA3FO.exe
- Size
  
  518KB
- MD5
  
  efc76b9581da08661c9c91c2a6e7d289
- SHA1
  
  ef7674fe136d80308a44d99ac72b8be550604110
- SHA256
  
  85356bb669ec17503e48ca457e99347f5386ba644fba9d638d4188a7b4970153
- SHA512
  
  b2d3432b68b227a5ad64faf6cc789f32ab2234a070c25393849c3d170616a125c1c3c82e18a7952b3ddd3a0024ff845c67aa67ce9b011b9cd9b74e093fc4e5d1
- SSDEEP
  
  12288:MnUGt+HbHe5BjPORtvLP9qpbY7/2E1yItd2ybSLxWP1yh:Mnncbs1PODZqpBCSiS8Pg
Score

10^/10

lumma discovery spyware stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

lummadiscoveryspywarestealer

© 2018-2024

Terms | Privacy