Payload Details
| First Seen | 2024-12-17 (Login for timestamps) |
|---|---|
| Last Seen | 2024-12-23 |
| SHA256 | c6491d7a6d70c7c51baca7436464667b4894e4989fa7c5e05068dde4699e1cbf |
| Filetype | PE32 executable (console) Intel 80386, for MS Windows, 9 sections |
| Size | 776,832 bytes |
| Signing Attributes |
The certificate chain validates successfully to a trusted anchor.Chain ValidThe certificate was issued by a separate CA, not by itself.Not Self-SignedThe certificate is not reported as revoked by the revocation checks that were performed.Not RevokedThe chain terminates in a certificate present in a trusted root store.Trusted Root |
| Authenticode | ✗ (BAD_DIGEST|BAD_SIGNATURE) |
| Distributed By | Amadey (Login) |
| Countries |  Login for country information |
| UnpacMe ID | 4c950406-3610-45df-b1a0-082f323760da |
| UnpacMe Detections | TYPE:INFOSTEALERMALWARE:Lumma StealerRULE:LummaStealerCONFIG:LummaStealer |
| Sandbox DetectionsYara and Suricata matches | Unknown |
| Malcat Kesakode | Unknown |
| Download |
Signature Information
Certificate
| Thumbprint (SHA256) | a08ea2a7a257ad690b988446951e9def2986a2f3f546b6f0902805330f3b6b48 |
|---|---|
| Thumbprint (SHA1) | 141d90a1ba8f61863fbeddf7dd1d66c1d1e0b128 |
| Serial Number | d0461b529f67189d43744e9cefe172ae |
| Subject | |
| Issuer | |
| Not Before | 2023-08-31 00:00:00 |
| Not After | 2026-08-30 23:59:59 |
Monitored Sandbox Execution
Login required
Non-Monitored Sandbox Execution
Login required
Tasks of Origin (8)
First Seen (UTC)  |
Last Seen (UTC) |
Family | Botnet | Exit | Task Data | View |
|---|---|---|---|---|---|---|
| 2024-12-11 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | | ||
| 2024-12-10 | 2025-01-13 | amadey | Login | |