General

  • Target

    File.bin

  • Size

    1.1MB

  • Sample

    241230-cfbreatreq

  • MD5

    44512d17e8d71a3aeec8da8cdf680b03

  • SHA1

    b511f02162a7ae5ac02cb727816ef50c2950d4f1

  • SHA256

    123209b3f8b97891a3f4c8ac6ea9fb4a7862e6d8a58db102f94c423a5a49e432

  • SHA512

    9ad14b393e9dccd9bae3ba1b4891f9202a9fdbd8f42e0d2cc4d64f50fc1258380d82f50a66ab52084d4d4e065edbc45df37222c73b7aa1541300d756b1b802ae

  • SSDEEP

    24576:+zxAPilgPWeM8Gw+VPM2Aw3tNM5sSkDV0dIlFm/:QSTMtwaM2AwpSeBO/

Score
10/10

Malware Config

Extracted

Family

lumma

Targets

    • Target

      File.bin

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Suspicious use of SetThreadContext
