Extracted

Extracted

• • Target

    b60ea8fb0f9742c61533647f03983604da599423757f664c0a91f49a3c8db69b

  • Size

    580KB

  • MD5

    b0f04d2d53d1d0a26271120e7404d2d3

  • SHA1

    0fabcf4ad175477be07dfc5ee0cfdc152169b0ea

  • SHA256

    b60ea8fb0f9742c61533647f03983604da599423757f664c0a91f49a3c8db69b

  • SHA512

    b43dbffa61a521aecec2769797744580e2c604fd8be5f843fc4971a73ff5fc746c1552f95eb3aff36173541233e4c642bfe1779924a5d18b7f26e16097812e5a

  • SSDEEP

    12288:y2qapAlfgoXFbrljw86QtLDFCe2k/Wz63GubzHRj2qzszaD6dIisEO:MawfgkntLDDOzS11SRWzt

  Score

  10^/10

  lummavidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2