Extracted

• • Target

    14f9e3ea623dccde8cc077de47dc6c1b

  • Size

    216KB

  • MD5

    14f9e3ea623dccde8cc077de47dc6c1b

  • SHA1

    e55644d8a8b366d94f6e05be56daed1ff7ca4241

  • SHA256

    3621cbb7c16bb07b3636356e9f73788c95057b3fe7cba6850e8f3b2d0fda6dc5

  • SHA512

    e35bae057c97a7fe2567ca1562a1c7418f66cd07d92f52cf364133b679677aadece02e28375e44c47d2ed81e458742b2911a0ec2d5c624749cea694edfbd46b4

  • SSDEEP

    6144:6b3UYmL5+wp7XH51MnD9fpoh+WclrLqE:6beLpJXZ1b+WSyE

  Score

  10^/10

  lummametasploitbackdoorstealertrojanupx

  • Detect Lumma Stealer payload V4

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Drops file in System32 directory

  • Suspicious use of SetThreadContext

  behavioral1behavioral2