General
-
Target
STAR WARS Jedi Fallen Order Trainer - FLiNG.exe
-
Size
141KB
-
Sample
230401-t8qvgabc39
-
MD5
12d49dcef71363b16e12bd7340e80871
-
SHA1
79aa732397b65ba592e7f9a11d2c7bd1f98fd915
-
SHA256
14fdb637696ff4694c65aa53476b02410127e42db4fce684ded2c94cd0f4c01c
-
SHA512
7dbca3eb5cd8edbc776f80250db91b8f47958904fe57e75fd05a2ff2d667298c80ef57f4b433db7a4c8bb6b9dd20499fd014ac3a3e2691c86b1c8d6be72feef4
-
SSDEEP
3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt
Malware Config
Targets
-
-
Target
STAR WARS Jedi Fallen Order Trainer - FLiNG.exe
-
Size
141KB
-
MD5
12d49dcef71363b16e12bd7340e80871
-
SHA1
79aa732397b65ba592e7f9a11d2c7bd1f98fd915
-
SHA256
14fdb637696ff4694c65aa53476b02410127e42db4fce684ded2c94cd0f4c01c
-
SHA512
7dbca3eb5cd8edbc776f80250db91b8f47958904fe57e75fd05a2ff2d667298c80ef57f4b433db7a4c8bb6b9dd20499fd014ac3a3e2691c86b1c8d6be72feef4
-
SSDEEP
3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-