Extracted

• • Target

    Captiva.exe

  • Size

    7.0MB

  • MD5

    8b7343c22fb99c26da8f3122c6cecdcd

  • SHA1

    898ebaa6ae8293f24306475ea5029520a1533dbc

  • SHA256

    fd37270bdce8937cc3cb0d4d99300f537daba57e70f36f40e4c767411f7938cd

  • SHA512

    8d806c124656ebdf151f92ce9bb6024cb2fe17a5dafeb90c0ceff783c6e8c9044f00bc846727465f64f79946096d60d81d2434ae6cb05b6a18aee5bc05e4ba81

  • SSDEEP

    98304:c3d8QkJDJ3m0R1yQXvCyCE28yW1cadMykTmERn50gxIbgSZtwzn05A4tcqQVIhvQ:p+0ncq/aDDWqR

  Score

  10^/10

  lummadiscoveryspywarestealer

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma

  • Lumma family

    lumma

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1