Behavioral task
behavioral1
Sample
4008-1480-0x0000000000400000-0x000000000045B000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4008-1480-0x0000000000400000-0x000000000045B000-memory.exe
Resource
win10v2004-20240226-en
General
-
Target
4008-1480-0x0000000000400000-0x000000000045B000-memory.dmp
-
Size
364KB
-
MD5
1e9fff52f83f621e6ea12004886d2fe8
-
SHA1
52bfa9287d4f8a6d8b219e44760d1637881e8326
-
SHA256
379b7dfe9ebf657013b4d7f1840c71d3a158563c12c56f1e0b70b3f04f2daaf7
-
SHA512
5e708db8432cdfc2990d73ee10f88357f5537be35b001c337a740a711b1d03f9c7cbebf3f425ac6b50107710d1955e4e0a870013e811fab3d4e390d460d5d0f8
-
SSDEEP
6144:9Wl4LFa4hSjw81a3Y2xGyc3rFG676HfmB70IqmxuFlqSXS6EiP/Fm2T:9W4Rl81exXc3s676HOBxqm8HqS5M2T
Malware Config
Signatures
-
Detect Lumma Stealer payload V2 1 IoCs
resource yara_rule sample family_lumma_V2 -
Detect Lumma Stealer payload V4 1 IoCs
resource yara_rule sample family_lumma_v4 -
Lumma family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4008-1480-0x0000000000400000-0x000000000045B000-memory.dmp
Files
-
4008-1480-0x0000000000400000-0x000000000045B000-memory.dmp.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 299KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ