General
-
Target
Minecraft.exe
-
Size
3.4MB
-
Sample
230402-264ybach5w
-
MD5
5d54c3c6ddb080036a530bfe4d54c898
-
SHA1
68fda625ccda2f010bcd20eaaafee193b652e941
-
SHA256
6d1f971c0c335715c817409d8a0b066eeaae150ab2ae0fd04c6110e2a57a3c7b
-
SHA512
9475fa5952ff29a2e61a9e5ce4bdd66521a66632110a9c92cf7083d8291878a48183c4e80a77a81f545d006defef2a5d6bbed4ea36d8abc1d12b887a95fb28b5
-
SSDEEP
49152:fsB/0F3YHQ/29Jgjk9caltlxG4g6XTFFgZ5bvRveQc8UTLqbpR8:fedm29JrOa7lxG4mZ5bZveQcYc
Malware Config
Targets
-
-
Target
Minecraft.exe
-
Size
3.4MB
-
MD5
5d54c3c6ddb080036a530bfe4d54c898
-
SHA1
68fda625ccda2f010bcd20eaaafee193b652e941
-
SHA256
6d1f971c0c335715c817409d8a0b066eeaae150ab2ae0fd04c6110e2a57a3c7b
-
SHA512
9475fa5952ff29a2e61a9e5ce4bdd66521a66632110a9c92cf7083d8291878a48183c4e80a77a81f545d006defef2a5d6bbed4ea36d8abc1d12b887a95fb28b5
-
SSDEEP
49152:fsB/0F3YHQ/29Jgjk9caltlxG4g6XTFFgZ5bvRveQc8UTLqbpR8:fedm29JrOa7lxG4mZ5bZveQcYc
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-