Extracted

• • Target

    ng-32948238493-18-1-25.zip

  • Size

    1.3MB

  • MD5

    8ef10cb39cf040535382e7fbe0cbd17c

  • SHA1

    4beccbef5a235de2c6305946c2200f768fa81ca6

  • SHA256

    5f01f121168983ab53d3e4e523e344e3a78abdc3ca66cc2be0b54c8f755d8fbb

  • SHA512

    84169105a3af1bb44735bd3ba25de2e9704593f626d439e1f978a1b12eeb17faffe4fa89dd02778406101d6193932a0d6304e895340f8a0ae06104474590d843

  • SSDEEP

    24576:y7ON2caVsuah8AI+ui5FXBz63nAbSunVPMqzlfud+xJeBW/ikBRrDi2AeH5XW:y7OkcaVJjAI+JPz4AbSux1ZJMW5BNeeI

  Score

  10^/10

  lummadiscoverystealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2

• • Target

    cochlea.torrent

  • Size

    55KB

  • MD5

    495344e71846d9e9f55219dd173b8bd8

  • SHA1

    728a127f624ffd35a65e63f9a82c2afe4c622be1

  • SHA256

    4e07702ab4eb53cb3932dea092905b10bdc0299e0b8b3ac98cf7f213f12ad3c5

  • SHA512

    dd77bec78b5b1d457bda9dd4c44175916fce42934a6a30a4bdfe8561ada05ef00aacd05aa366288baa943b3ef2fc7fd6ac1ea5a617d493072e050fd937fc2435

  • SSDEEP

    768:VKMb3EbQLjbSRNol3CRJ3b4DSzm5oPvhqszEIp4SYSxE8li2zGGfDCpZLpywWir2:VSQLj+EkPJqiOQS8phOyUdaqdcAQp

  Score

  3^/10

  discovery
  behavioral3behavioral4

• • Target

    steamerrorreporter.exe

  • Size

    560KB

  • MD5

    dc1681b98049f1df46dd10d7f4c26045

  • SHA1

    4c7f5cf7c00b6139979f8aa41f46979666369224

  • SHA256

    594f9853124e0a81deeaaecb8ec3d192169e7393778214ef6d8f6460450ef080

  • SHA512

    c9a2086326acbab8aba801da0d8bd2aa06951ec7fd7f32a3150f9521498c0b6711552695fbf9d0de7668503630c508bcd68e1d715796ef34f9945035da3fe1ed

  • SSDEEP

    6144:mOzBfFojwX0v4KU9DJZ10Bwr/RvTuZjOULXAO99cER0u+GIIIIIIIhIIIIIIIIIZ:mONFX0v4KU9DJZ16wr/MHVm5a0dw/D

  Score

  10^/10

  lummadiscoverystealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Suspicious use of SetThreadContext

  behavioral5behavioral6

• • Target

    tier0_s.dll

  • Size

    341KB

  • MD5

    884013332bf332e4dd8cbf0109a8cfeb

  • SHA1

    c01789d661d465ca29d20174d8f5d29afb1fcffa

  • SHA256

    8ed104f6d7a50f95d515005bf6bd5569cd2dc0107119aa3d91e21dd7ba777e98

  • SHA512

    ea18f416b1295edcfc197c685d56030246097bf95ffffa46f13a16753d05d95a1adb83b5ba0669eaa1049856ea2486ca0fc49507df7d41572de80701e9852f64

  • SSDEEP

    6144:DO5PGFHiJNurwiq3u6FukK7hrYmFX0A2qu7ItONk+Z1s4gDT+x5/fXckKk:K2HiVRukK7hrnFh2qos4gDTAnlx

  Score

  3^/10

  discovery
  behavioral7behavioral8

• • Target

    vstdlib_s.dll

  • Size

    519KB

  • MD5

    5c245a8bc2765f02b838db613a2cdb49

  • SHA1

    0952a9edaeebcb4afb1f746cc08e044ac2f2a4e3

  • SHA256

    411fe1b7a84923e849be6844768240da54122f02dbe9611aa18f33e765ad108a

  • SHA512

    ca2235ea5c01b173106cd33ead51ba4877cd85dcf978fe5468ab1b85b173ce2f85d2e846c4bd278cbffebd82b35674f3b2497271c25658536623f1d7aaee0f8f

  • SSDEEP

    6144:PCB3aDbaQhzA12ytyjiIhGdoVnfNJ6mgVQttuZ83OmQKgR3ezMB:9zFAEytyjiIEoVnfz6r01yozI

  Score

  3^/10

  discovery
  behavioral10behavioral9

• • Target

    wharf.indd

  • Size

    775KB

  • MD5

    3ea96a50807b3a6bb83557d94c8f9086

  • SHA1

    1e3f8ddfd9eef1e3b73d228f3da3ab154514f381

  • SHA256

    f56b4dc0c747d09582debee8014ba7c915b7c0b3888e1022795547a983d83c10

  • SHA512

    31b417c4f21a4fdaacc87df63d63822f99b1d64406b979d11d3c70026c602846470270508c419faf3ed3106654df55be6ee9d8323b0777d1765d92ad8f65cce4

  • SSDEEP

    12288:ZvBZGLN5+6cpqX/imLM5UFDS5ECfRFqr1r3J8xeB0BPxDshHweqOb7EeWvVxY:lBS5+6f/imLM5UF2gV3J8QIPxDsJwcOY

  Score

  3^/10

  discovery
  behavioral11behavioral12