Lumma | 495a744f7833 | VMRay Platform Report

Classifications

Spyware

Threat Names

Lumma Mal/Generic-S Mal/HTMLGen-A

Dynamic Analysis Report

Created 11 months ago

26422abceca3d5ce14d064e290678221.exe

Windows Exe (x86-32)

Remarks (1/1)

Process Crash (0x02000008): One or more processes crashed during the analysis. Analysis results may be incomplete.

VMRay Threat Identifiers (6 rules, 7 matches)

Score	Category	Operation	Count	Classification
5/5	Extracted Configuration	Lumma configuration was extracted	1	Spyware
5/5	YARA	Malicious content matched by YARA rules	2	Spyware
4/5	Reputation	Malicious file detected via reputation	1	-
4/5	Reputation	Malicious host or URL detected via reputation	2	-
1/5	Crash	A monitored process crashed	1	-

Malware Configurations

Lumma

Screenshots

Monitored Processes

Sample Information

ID	#10291306
MD5	26422abceca3d5ce14d064e290678221
SHA1	9bde1cf1e554872705cc38c9591b77b59c3aa597
SHA256	495a744f783348c8a6ef1c048ea3e62d3903b00c66e9be21bb374d59d18b682e
SSDeep	6144:PVrxFkLFRewJDAA9gJX4Lbsi0tgSh7Z2cEnMBmXgmmA5ab1v5tUmfqlJFKe7RiXI:PORRjW7dVBcTn5ab1htUKqlJFMDEt
ImpHash	f4a5c656336c7917052b7f56b0f839f4
File Name	26422abceca3d5ce14d064e290678221.exe
File Size	458.00 KB
Sample Type	Windows Exe (x86-32)

Analysis Information

Creation Time	2024-04-23 22:04 (UTC+)
Analysis Duration	00:04:00
Termination Reason	Sample Crashed
Number of Monitored Processes	3
Execution Successful
Reputation Enabled
Built-in AV Enabled
Number of AV Matches	0
YARA Enabled
Number of YARA Matches	4

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

Before

After

WHOIS Domain Information

Screenshot