Resubmissions

05/02/2025, 22:18   250205-18ekrstpfz   (score 8/10)

27/01/2025, 16:27   250127-tx3pwsxqdn   (score 10/10)

General

  • Target

    KMSpico.exe

  • Size

    8.4MB

  • Sample

    250127-tx3pwsxqdn

  • MD5

    ca48226df272a89b2d2622eb0ea90e2a

  • SHA1

    55a245e4d74b6085fbb500474195e01bea262f68

  • SHA256

    deb84edb1b68cf868beb0e84e40d06cc101ee1cde8ca03e112f710db6ca07bfe

  • SHA512

    e2130d93b671834dfe3b306fc1603af2fff84163991fb4490b17113585528b56b2f310cd37974aaf650567d6275f17e248286561e0b1e5047eb9060e7edfee73

  • SSDEEP

    196608:lHg2bkWJWRVifVqP1kyyM5r9a06OgR7JzvygVgCKaUoK6kgSvxQv:lHg7WQ19kFyg06R1y4gCKI52xQv

Score
10/10
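The hashes and the extracted C2 host above are the indicators a responder actually uses. The following PowerShell is an added example, not part of the sandbox report: it checks a suspect file on disk against all four published hashes and looks for the C2 host in the local DNS client cache. The path in $Suspect is an assumption; the hash values and the C2 URL are copied from the report.

```powershell
# Added example (not part of the sandbox report): check a suspect file and the
# local DNS cache against the IOCs published above for this Lumma sample.
# $Suspect is an assumed path; point it at the file you are triaging.

$Suspect = 'C:\Quarantine\KMSpico.exe'

# Hashes copied from the report above, lower-case hex.
$KnownHashes = @{
    MD5    = 'ca48226df272a89b2d2622eb0ea90e2a'
    SHA1   = '55a245e4d74b6085fbb500474195e01bea262f68'
    SHA256 = 'deb84edb1b68cf868beb0e84e40d06cc101ee1cde8ca03e112f710db6ca07bfe'
    SHA512 = 'e2130d93b671834dfe3b306fc1603af2fff84163991fb4490b17113585528b56b2f310cd37974aaf650567d6275f17e248286561e0b1e5047eb9060e7edfee73'
}

# Only the host part of the extracted C2 URL is useful for a DNS-cache lookup.
$C2Host = ([uri]'https://toppyneedus.biz/api').Host

function Test-SampleHashes {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][hashtable]$Expected
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        throw "File not found: $Path"
    }
    foreach ($algo in $Expected.Keys) {
        # Get-FileHash streams the file, so the 8.4 MB binary is read once per algorithm.
        $actual = (Get-FileHash -LiteralPath $Path -Algorithm $algo).Hash.ToLowerInvariant()
        [pscustomobject]@{
            Algorithm = $algo
            Expected  = $Expected[$algo]
            Actual    = $actual
            Match     = ($actual -eq $Expected[$algo])
        }
    }
}

function Test-C2DnsCache {
    param([Parameter(Mandatory)][string]$HostName)
    # Get-DnsClientCache raises an error when nothing matches; return $null instead.
    Get-DnsClientCache -Entry $HostName -ErrorAction SilentlyContinue
}

$hashReport = Test-SampleHashes -Path $Suspect -Expected $KnownHashes
$hashReport | Format-Table -AutoSize | Out-Host

if ($hashReport.Match -notcontains $false) {
    Write-Warning "All four hashes match the Lumma sample in this report: $Suspect"
} else {
    # A partial match (e.g. MD5 only) is almost certainly a transcription error;
    # treat the file as the reported sample only when every hash agrees.
    Write-Output 'File does not match the reported sample (see table above).'
}

if (Test-C2DnsCache -HostName $C2Host) {
    Write-Warning "DNS cache contains an entry for the Lumma C2 host $C2Host"
} else {
    Write-Output "No cached DNS entry for $C2Host (cache is volatile; check DNS and proxy logs as well)."
}
```

The DNS client cache is flushed on reboot and entries expire with their TTL, so an empty result proves nothing; the durable sources for the C2 indicator are resolver and proxy logs. Conversely, a cache hit only shows that something on the host resolved the name, not that the resolving process was this sample.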

Malware Config

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

    • Target

      KMSpico.exe

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, also tracked as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check (the sample can decide whether to run based on the host's locale).

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
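The two registry signatures above are host fingerprinting: the locale lookup feeds a geofence decision and the Uninstall enumeration tells the operator which browsers, wallets and security products are present. The PowerShell below is an added example, not code from the report or from the malware: it reproduces both lookups so an analyst can see exactly what data is available to the sample. The report does not say which value names Lumma reads, so the keys and value names used here are the standard Windows locations and are an assumption about the sample.

```powershell
# Added example (not from the sandbox report): reproduce the two registry
# lookups flagged above so an analyst can see what the sample can obtain.
# The exact value names the sample reads are not stated in the report; the
# ones below are the standard locations and are an assumption.

# 1. "Checks computer location settings": locale and country values under HKCU.
#    Geo\Nation holds the numeric GEOID and Geo\Name the ISO 3166-1 alpha-2
#    code (present on recent Windows 10/11); LocaleName is the language tag.
function Get-HostLocationSettings {
    $intl = Get-ItemProperty -Path 'HKCU:\Control Panel\International' -ErrorAction SilentlyContinue
    $geo  = Get-ItemProperty -Path 'HKCU:\Control Panel\International\Geo' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        LocaleName = $intl.LocaleName
        Country    = $intl.sCountry
        GeoNation  = $geo.Nation     # numeric GEOID
        GeoName    = $geo.Name       # ISO 3166-1 alpha-2, may be absent on older builds
    }
}

# 2. "Checks installed software on the system": enumerate Uninstall entries
#    from the three locations installers write to (64-bit, 32-bit view, per-user).
function Get-InstalledSoftwareFromUninstallKeys {
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root | ForEach-Object {
            $p = Get-ItemProperty -LiteralPath $_.PSPath
            # Subkeys without a DisplayName are updates or leftovers; skip them.
            if ($p.DisplayName) {
                [pscustomobject]@{
                    Name      = $p.DisplayName
                    Version   = $p.DisplayVersion
                    Publisher = $p.Publisher
                    Key       = $_.Name
                }
            }
        }
    }
}

Get-HostLocationSettings | Format-List | Out-Host
Get-InstalledSoftwareFromUninstallKeys | Sort-Object Name | Format-Table -AutoSize | Out-Host
```

Neither lookup is a hunting lead on its own: Sysmon records registry key creation, deletion, value writes and renames (event IDs 12, 13 and 14) but not reads, so these two signatures are sandbox observations rather than something to search for in endpoint telemetry. Their value to the analyst is in interpreting the sample: an empty Geo\Name or an unexpected locale in a sandbox may be enough to make the stealer exit early, which is worth remembering when a detonation produces no C2 traffic.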

MITRE ATT&CK Enterprise v15

Tasks