Extracted

• • Target

    Exlan_setup_v3.1.2.exe

  • Size

    4.9MB

  • MD5

    f86e00a8bf2edc5379395d27f517a170

  • SHA1

    98362ae7984b73aa461ca2aeeed2acc08aa0cc73

  • SHA256

    55167bd32c236720792dbcd9318114b75ac5784c7c8be5f82b1f515aefcbf281

  • SHA512

    612ff5e2abf654c96144827bf09f316817fcdd911eba60a4d0504d5ddf98479830137156f8bd1eff0accbecf11b3d57ce999c2dbb03906919c62221731c9a731

  • SSDEEP

    49152:4NuYWEYKkHFfTvBJEvUf2vtY7uRfbQswUZcSByYGv5uuv/DYi35PB+MTRx2VT4G8:4NhWqQFfTjEvUfH7ul5ApZde

  Score

  10^/10

  discoverylummastealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2