Extracted

• • Target

    3_doc.pdf.exe

  • Size

    1.1MB

  • MD5

    595ed72a44e6d325e8450ed808a75a1b

  • SHA1

    4ee0c75ea588c4d06b3c9748b42343d7550cd523

  • SHA256

    fc3085b354e1e35b4a9b15166cbbead6a63fb3f2cd18f00f546868d5392408b7

  • SHA512

    750e699fc0d25cb1c6f9c944855e73a0844d16b198d96eefb9dbfea683b5b9c45ed041ae25e216895511024c7fe94d1c92513fd984d3ff810d3b4dd7f5c5029f

  • SSDEEP

    24576:hZkE7GcN9ytIFGibL4fzXeoRVofL+0zA7TrjkoG0WIorgXIMLVPO0:hn7XK9iyjCT5A7T/SrdMLV20

  Score

  10^/10

  kinsinglummaloaderstealer

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2