General

  • Target

    f697d689701ccacd6870c3fc077cf6d12585dc6db60b3ab7db483e3d7180f966.exe

  • Size

    1.3MB

  • Sample

    250111-gqy2xaxpaz

  • MD5

    bcae44d5bf6fcd34c12ef6a6502faf7c

  • SHA1

    7b383cb56e8070e1595da9d44885f2a9eb8037cf

  • SHA256

    f697d689701ccacd6870c3fc077cf6d12585dc6db60b3ab7db483e3d7180f966

  • SHA512

    9f6229c4c6e3363746499be720d7fa466a6646bfd3adb46f0c66b23af923d9fec91bfcfcd16f8b4e746bfdf64bad807eef5b0250c659e4c3b109ab24c2b4d3b2

  • SSDEEP

    24576:YHHOcwqlg+qnztwE240yrFIrStE5ouCE4g23X/pQIjFvqxFx+vIK/kGM3ESw8bIX:pctt8440yrFIrbd4ls8v9/kGiEhAIX

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://brendon-sharjen.biz/api

Targets

    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks