General

  • Target

    469fbee829e69894f23aa921e86480cfe18b116b873fedf03a9227ec1d57bb80.exe

  • Size

    1.3MB

  • Sample

    250111-dlz7ma1je1

  • MD5

    412db12259a7d002a629959260898ea7

  • SHA1

    4a8a563c534c4399d2f2dec2575c6268c2cbe898

  • SHA256

    469fbee829e69894f23aa921e86480cfe18b116b873fedf03a9227ec1d57bb80

  • SHA512

    0edcc32a29f2d4cdb5afda89dfcce0681d093ea32a3c85bc1e34f7279e82facdbb922461a6a0c6e5976d0be3d7a2559b8e328f0e2464e94ba9090aae3af96e8f

  • SSDEEP

    24576:yeO8eaBw8wu2vlgPhX49nuMUvLap9HMdCVPPhoJF9SCHCsKKgHQ34d8fr4:YCBwRu2NgPh8uR+jlPhs3SCFgw34C4

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://brendon-sharjen.biz/api

Targets

    • Target

      469fbee829e69894f23aa921e86480cfe18b116b873fedf03a9227ec1d57bb80.exe

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15
