Extracted

• • Target

    f3bf3e1090aba9eb175872d9ed4d99a4a810a9850d06cf4baa5612c85adc9685.zip

  • Size

    2.5MB

  • MD5

    9738664636d2257a8d974df969d403e0

  • SHA1

    e87ad7d344ba3ec8866c578c97392ee27ee1667d

  • SHA256

    f3bf3e1090aba9eb175872d9ed4d99a4a810a9850d06cf4baa5612c85adc9685

  • SHA512

    5d85f998c7993f6bfd6b853e51d57c5080f9c46dad88f0c4afc623edabec89e55760355fd38a7353e1824b5d245ee4b321c6d71a6432a0417b23340e4ea6658b

  • SSDEEP

    49152:LiSoOl+YyNuUp4m4zYaNvYFdoCQmjlgPshwiB56wFbtZTCoyFYA:Lt7+YJUp94zbNvidLxgPs5zbtEF

  Score

  10^/10

  lummadiscoverypersistenceprivilege_escalationstealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2