General

  • Target

    SensorExpo.exe

  • Size

    1.4MB

  • Sample

    250110-mmpa7avjfp

  • MD5

    bc13a0403a10a32c7c81e29f430e9cc7

  • SHA1

    33d3af3457d4bbd3a0b3ce0dd367dcd330d7d4be

  • SHA256

    bf8d48786e209db46e1b20b1d4c04702427bed6417bdd4b1cc7f98041064304d

  • SHA512

    7e0f2eee87cd4698e6cec41352e7c11521c88a53686cc9841749ba8336b9d8473473f1e88bb11add16f702afe36a345f8191595d44d8c6ba8ba7a7eb47d1415d

  • SSDEEP

    24576:LGHIyRpP/DhpWN6R7W2g3+Qp2bo6AR2X0MnO42Qu5KCL8mLsWNk2ACANK0EoZe3j:6JrhpZQ1ukqXnO4C5KC4gOWYrU

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://ingreem-eilish.biz/api

Targets

    • Target

      SensorExpo.exe

    • Lumma Stealer, LummaC

      Lumma (also written LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check that decides whether the sample runs on this host.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist
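As an added example, not part of this sandbox report: a small Python triage script that runs the report's indicators (the extracted C2 URL and the "enumerates processes with tasklist" behaviour, attributed to the dropped EXE) over constructed proxy and process-creation log lines. The log line format, the rule names and the "parent runs from a user profile path" heuristic are assumptions for illustration; only the C2 URL, the sample SHA256 and the target name come from the report.

```python
import re
from urllib.parse import urlsplit

# Indicators taken from this report (sample 250110-mmpa7avjfp).
LUMMA_C2 = "https://ingreem-eilish.biz/api"
SAMPLE_SHA256 = "bf8d48786e209db46e1b20b1d4c04702427bed6417bdd4b1cc7f98041064304d"
C2_HOST = urlsplit(LUMMA_C2).hostname  # ingreem-eilish.biz

# Assumed log formats (constructed for this example, not a real product's schema):
#   <ts> proxy <client_ip> <method> <url> <status>
#   <ts> proc parent=<image> child=<image> cmd="<cmdline>" sha256=<parent_hash>
PROXY_RE = re.compile(r"^(\S+) proxy (\S+) (\S+) (\S+) (\d+)$")
PROC_RE = re.compile(r'^(\S+) proc parent=(\S+) child=(\S+) cmd="([^"]*)" sha256=(\w+)$')


def host_matches_c2(url: str) -> bool:
    """True if the URL's host is the C2 domain or a subdomain of it.
    The comparison is on the parsed, lower-cased hostname, so case tricks
    and look-alikes that merely contain the string (ingreem-eilish.biz.evil.example)
    do not match."""
    host = (urlsplit(url).hostname or "").lower()
    return host == C2_HOST or host.endswith("." + C2_HOST)


def suspicious_tasklist(parent: str, child: str, parent_sha256: str) -> bool:
    """tasklist.exe launched by the known sample, or by any binary running out
    of a user profile path (Downloads, AppData, Temp), which is where a dropped
    EXE would live. The path heuristic is an assumption, not a Lumma-specific rule."""
    if child.lower().rsplit("\\", 1)[-1] != "tasklist.exe":
        return False
    return parent_sha256.lower() == SAMPLE_SHA256 or parent.lower().startswith("c:\\users\\")


def triage(log_text: str) -> list:
    """Return one alert dict per matching log line, in log order."""
    alerts = []
    for line in log_text.splitlines():
        m = PROXY_RE.match(line)
        if m:
            ts, client, _method, url, _status = m.groups()
            if host_matches_c2(url):
                alerts.append({"ts": ts, "rule": "lumma_c2_contact", "client": client, "url": url})
            continue
        m = PROC_RE.match(line)
        if m:
            ts, parent, child, cmd, sha = m.groups()
            if suspicious_tasklist(parent, child, sha):
                alerts.append({"ts": ts, "rule": "tasklist_from_dropped_exe", "parent": parent, "cmd": cmd})
    return alerts


# Constructed sample telemetry: three lines should fire, three should not.
SAMPLE_LOG = """\
2025-01-10T12:00:01Z proxy 10.0.0.15 GET https://update.example.com/ok 200
2025-01-10T12:00:07Z proc parent=C:\\Users\\bob\\Downloads\\SensorExpo.exe child=C:\\Windows\\System32\\tasklist.exe cmd="tasklist /fo csv" sha256=bf8d48786e209db46e1b20b1d4c04702427bed6417bdd4b1cc7f98041064304d
2025-01-10T12:00:09Z proxy 10.0.0.15 POST https://ingreem-eilish.biz/api 200
2025-01-10T12:00:11Z proxy 10.0.0.15 POST https://INGREEM-EILISH.biz/api 200
2025-01-10T12:00:20Z proc parent=C:\\Windows\\explorer.exe child=C:\\Windows\\System32\\tasklist.exe cmd="tasklist" sha256=deadbeef
2025-01-10T12:01:00Z proxy 10.0.0.22 GET https://ingreem-eilish.biz.evil.example/api 200
"""

if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```

The host comparison is done on the parsed hostname rather than with a substring search on the raw URL, which is the usual mistake when turning an extracted C2 URL into a detection; the tasklist rule deliberately ignores the legitimate explorer.exe parent so the signature does not fire on every admin who types `tasklist`.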

MITRE ATT&CK Enterprise v15

Tasks