Extracted

• • Target

    V1.56.zip

  • Size

    37.0MB

  • MD5

    8d5342e25d8d524b9e90b0f9d969fa10

  • SHA1

    068610998e8c9c9f8d891726612e9c182ccac552

  • SHA256

    c4ef59b78f973b8e7b6ea4a38fcb47b6fb89f313655561a45a8e902bc35916c6

  • SHA512

    24542b6d084b3c5ec1e03b4c7c91d5b14712b5157a20a5348f1bab4c8fec15cbc89ecbc6079baf617488236d9356bacb079d9329138dda9b92a6302d1353e3b8

  • SSDEEP

    786432:3OIDCHF6vramPmGgnIs0Q8UKfLD87hwzkBnQo1YQw/:+Ymku3vIs07UK387KzCQorw/

  Score

  10^/10

  lummadiscoveryexecutionstealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Command and Scripting Interpreter: PowerShell

    Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    execution

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2