Extracted

• • Target

    Leak-New-01-05

  • Size

    7KB

  • MD5

    5246d7e1141b4c5a5699d725bbe5811d

  • SHA1

    e428c54b65345173302aec4ab6925a65de3a888f

  • SHA256

    3ae6a78cb35bf01ae180a335de4f67d9cfb3b3435ae07de53c57a8341f40daa9

  • SHA512

    73afa44b8468821363302931df427d1835f50ea8c9a222f55559bd50a55103ed525ee5237621339da681f324d6e1cebd1b3fbde41371e02aa86836bf7bc86688

  • SSDEEP

    96:7suWzyOiRdzcOiLjfjmZ/Q6d38C9F/pePJjeIJumKF95RZjieojwXZk9qPYf:S3Gw7m5QGLSJjeeu1hkrb

  Score

  10^/10

  discoverylummaphishingstealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • .NET Reactor proctector

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • A potential corporate email address has been identified in the URL: [email protected]

    phishing

  • Executes dropped EXE

  • Suspicious use of SetThreadContext

  behavioral1behavioral2