LummaC2__0x000002B425F277C8[.]exe

General

Target

LummaC2__0x000002B425F277C8.exe
Size

2.1MB
MD5

d46fb939898c5e3307555cb6d5c4eb5e
SHA1

87ef319a8c0e5b4d2a3d0db921a62c6e04e38806
SHA256

a09ad42e6a64cfeb698be397c9c330937eccfd4efb7ab6ae8ef7e9ffce174135
SHA512

2433f72bbea46f2a13811addb711b43ce71b559617118009f5e145b47b16ec50093ab15663b7e76d942229f638392c87a3ceeccccb79321a71f503324d6f3ce2
SSDEEP

49152:sbH5Ybthr5Jcnfo+kcOC6vWTUBCbUlV2tNjuJ2o/C2Y3Q8Ug:sD5Y3sZn6OQlV2tcLC2Y3Q8Ug

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LummaC2__0x000002B425F277C8.exe

Files

LummaC2__0x000002B425F277C8.exe
.exe windows:6 windows x86 arch:x86

49955bca55f34386f6906cf88e2ec64d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
DecodePointer

gdi32

SetTextAlign
SetMapMode

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49955bca55f34386f6906cf88e2ec64d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 19KB - Virtual size: 55KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 314KB - Virtual size: 313KB

.reloc Size: 200KB - Virtual size: 199KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 19KB - Virtual size: 55KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 314KB - Virtual size: 313KB

.reloc
Size: 200KB - Virtual size: 199KB