Extracted

• • Target

    SN3PER_LIMIT.EXE

  • Size

    12.5MB

  • MD5

    1ac9777e3e68af7e134bf9c0df5351fa

  • SHA1

    c926beae3179ba6cf82c654166be4c9d2c21569c

  • SHA256

    fb4913dccd4a3bd9189ff38fb3da27d839a20cfb9889566598878ae85d78f903

  • SHA512

    e72d2f1191f1474eac60c50fac8874a36d210e4f832aff80015198a22d2e4ecfbdc39df842ef42a2e4ca9834b9758f805b50bd3dc7a374c12222c0b226f99579

  • SSDEEP

    393216:f5UXA4QSl0sXM0EW5qsTqxUsPAgloCPOYnXwok:hUXMsTpEeOPZtGOgok

  Score

  10^/10

  lummadiscoverypyinstallerstealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • .NET Reactor proctector

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2