Extracted

• • Target

    installer.exe

  • Size

    7.7MB

  • MD5

    e62eae84b891e0ae57f7eabf1739cd9d

  • SHA1

    ed768cd2b8a3181a1d3ee210ed804c2a32498160

  • SHA256

    132ab67167c25f51fac3929b0369e815bfa7ea815ce9aed4f91e92defc680523

  • SHA512

    f254c5d495992c10e6f53ff2ac08ce6dd8347a84a9b003db0eb6118e6f022d92a80653d6e159f155a940a43ab5d6c725ba8710bd8ea1b945991a63ec52b2f38e

  • SSDEEP

    12288:P3KTJCYUQC6tJVvlrk/N9AyU/Gtm13KTJCYUQC6tJVvlrk/N9AyU/GtmM:CTo9d6tNrABjTo9d6tNrABr

  Score

  10^/10

  lummadiscoveryspywarestealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2