MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 fdd0de08cbe1977e557fb86244b55f8f764d3196f449c27f78a8c868ea73a791. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
LummaStealer
Vendor detections: 3
| SHA256 hash: | fdd0de08cbe1977e557fb86244b55f8f764d3196f449c27f78a8c868ea73a791 |
|---|---|
| SHA3-384 hash: | 4b07d7ee358b37936ac2f95da8529655c78b32a7a982b9620c42b764572025991f554bdb92a8b6a4a6cac3472f22f82a |
| SHA1 hash: | 5a780a6d51ada29f455766b1818c007a08ab47b3 |
| MD5 hash: | ecc1a950917f2e38b055d0547a977d7e |
| humanhash: | east-speaker-nineteen-three |
| File name: | ⌂Pα$ʂKҽყ🇸-4715_!𝙵𝚒𝚕𝚎S͎a͎t͎u͎p͎✹.7z |
| Download: | download sample |
| Signature | LummaStealer |
| File size: | 17'167'185 bytes |
| First seen: | 2025-03-27 14:46:52 UTC |
| Last seen: | Never |
| File type: | 7z |
| MIME type: | application/x-7z-compressed |
| ssdeep | 393216:f2lH6CBZqLRAE2G2g2oaMfjQ4pUPuR5PD1NcpTX8OTRkUGa0pIVDT:f2Njji5UnOjQ4a7Bjd0pm/ |
| TLSH | T1C107334238B8BF259DC8D3E4A724CDEFDF466D3E62CF9075AC6618585DAE26388C4053 |
| TrID | 57.1% (.7Z) 7-Zip compressed archive (v0.4) (8000/1) 42.8% (.7Z) 7-Zip compressed archive (gen) (6000/1) |
| Magika | sevenzip |
| Reporter |  aachum |
| Tags: | 7z file-pumped HIjackLoader IDATLoader LummaStealer pw-4715 |
iamaachum
https://filenimbus.com/0MdWlkPTE0JmZpZD0zYTcxZg => https://www.mediafire.com/file/mzq6hhtd35sjcc2/%E2%9C%BBS%E1%98%BF-%C9%AC%C5%B3%E1%91%AD_N%D2%BD%C9%AF!--4715_!%E1%8E%AE%C4%85%CA%82$%C6%880%C9%96%C9%9B#@.zip/fileIntelligence
File Origin
# of uploads :
1
# of downloads :
75
Origin country :
ESFile Archive Information
This file archive contains 128 file(s), sorted by their relevance:
| File name: | override_add_get_contravariant.phpt |
|---|---|
| File size: | 427 bytes |
| SHA256 hash: | 40116e6ce0e0bbb18834fe2a8e43a8cbdfa715bd4cc71b36de46733a8420435b |
| MD5 hash: | 628c80d244e6ddfe657346cdae34c774 |
| MIME type: | text/x-c++ |
| Signature | LummaStealer |
| File name: | Setup.exe |
|---|---|
| File size: | 336'848 bytes |
| SHA256 hash: | 32ef96fcb4e5db03ac6e8582d78670856f53fa284b79d8358ed92c19fc7830b5 |
| MD5 hash: | 372723341529a19f1576557a83b51bff |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | 002.phpt |
|---|---|
| File size: | 2'232 bytes |
| SHA256 hash: | 0181aa68962358332f7f6ff97ebb5042ea84eb304bfcec2324c533635275aab9 |
| MD5 hash: | 9a93ae50389686938139563eb41d43e6 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | callable_001.phpt |
|---|---|
| File size: | 708 bytes |
| SHA256 hash: | 759d3b8385731df6e9d11ffa38d2b66794b837999f2848f343434dbc99c998c8 |
| MD5 hash: | a9f7ea5d317b993805f42d5e9f6448d8 |
| MIME type: | text/x-c++ |
| Signature | LummaStealer |
| File name: | gh16499.phpt |
|---|---|
| File size: | 534 bytes |
| SHA256 hash: | 264bbe92fcc02e327fb0c0243c8327726e51e9ff1cc326daf5958ec719761d72 |
| MD5 hash: | a22c2d9fe136e2943c52e9ad019fccb6 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | DOMDocument_loadXML_variation3.phpt |
|---|---|
| File size: | 631 bytes |
| SHA256 hash: | 574dddd821b13987ec69f0d10ffe203e54670c5ab7f6109057a727e66cd558f5 |
| MD5 hash: | 770f3101dee4bc5aadbc66dd189a7d15 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | dvaaudiodevice.dll |
|---|---|
| File size: | 1'246'920 bytes |
| SHA256 hash: | 7ad354f524654e9aade000c721228c09e5d1cbd67e8504c4c4c62e4e493ebcc3 |
| MD5 hash: | 78e54e0638bdd4e944fc6b4f5e1ac170 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | pdo_039.phpt |
|---|---|
| File size: | 1'261 bytes |
| SHA256 hash: | 3301a39ee847666e11180e54ea63cfa3f3bde2fe760182d82e2740409f9ab653 |
| MD5 hash: | d5f919a7d07628a9cc6b46c3c59f3767 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | strripos_variation2.phpt |
|---|---|
| File size: | 3'628 bytes |
| SHA256 hash: | b202617b8b1d58188426c4e6ce5cc2f211db066e48cfc8b2c4f408732e6c67c2 |
| MD5 hash: | a4266d42b590c69ab688bfb21caabf6e |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.ProgramSynthesis.Extraction.Json.dll |
|---|---|
| File size: | 201'080 bytes |
| SHA256 hash: | 596cd939ed59e552c26a99f3b844d813564969736e3742e0358e85d32c0eb6b5 |
| MD5 hash: | 8b9ab95ad3e08e6e62245663d5e2b628 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | MSB1STAR.DLL |
|---|---|
| File size: | 266'096 bytes |
| SHA256 hash: | 39d3cebc3ad7d8f6500adbe6daf39c38ee9b1220214928e8fe9700ff44eff4d0 |
| MD5 hash: | 4ec05e244e9a6d14a2f3fe32c284cf7a |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | OverDrive.dll |
|---|---|
| File size: | 236'800 bytes |
| SHA256 hash: | bfaa74c4afb9f1c33f723354b1adf82255cd81e0773b829a53c1b3609688cab4 |
| MD5 hash: | dbb701387f49febaa524bbe74110cedb |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | git-upload-pack.exe |
|---|---|
| File size: | 3'805'688 bytes |
| SHA256 hash: | d5f90ab53623307d3db6c294647bf106d9f5189432cec88fe73968be44a4c506 |
| MD5 hash: | 78befd2ee60a3efd6b822147f75766bf |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.TestTools.UITest.Extension.dll |
|---|---|
| File size: | 254'264 bytes |
| SHA256 hash: | cfe74b72990f76c72e44586a1ba1b81e159404e59aeaa71f1a5db533b64598e6 |
| MD5 hash: | 6e37baebe52b9b48f2edd22f087536aa |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | WinPix.dll |
|---|---|
| File size: | 266'536 bytes |
| SHA256 hash: | 88a4a3dc6e97c1af7de4e313f32d0394a037be250f80aa44a0eb070edcc4cf13 |
| MD5 hash: | 889620c2c9ebc0db2734056aeff4f7a0 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.IdentityService.Wpf.dll |
|---|---|
| File size: | 217'120 bytes |
| SHA256 hash: | ff64c55db1bfffd8925d53c9020208650109ad228062352c16a76666bdedec0c |
| MD5 hash: | 9308d96c01b241433f7509a77e4aaddf |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | php_open_temporary_file.c |
|---|---|
| File size: | 10'739 bytes |
| SHA256 hash: | c36108843431a54cb560dfe507e23ede9f6e739be8120bbeb52853d94ae14037 |
| MD5 hash: | 3e357a47e3e7665f9474b59bd149d941 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | bug66882.phpt |
|---|---|
| File size: | 221 bytes |
| SHA256 hash: | 02f1e2de0b4933bec03e75507613a25df594fe28a8aa9e8c6de7f03fa960bbde |
| MD5 hash: | 87dc475399c673f07086bdb8abda4936 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | frontcontroller12.phar.inc |
|---|---|
| File size: | 663 bytes |
| SHA256 hash: | e16a59bb1db95612a7ddef8bef9718d3e36d7fea77be1e3d90dbd33a9b54823a |
| MD5 hash: | bb497b9e71523e96d616a90829b040ff |
| MIME type: | text/x-php |
| Signature | LummaStealer |
| File name: | msvcp140_2.dll |
|---|---|
| File size: | 268'256 bytes |
| SHA256 hash: | 9196206f64a6a0d86f5f69e9e3e6388f1e063447ff816101f3188122914d53e1 |
| MD5 hash: | cffced237bdb09b590ef4c8e56905f18 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | ReflectionClass_hasMethod_basic.phpt |
|---|---|
| File size: | 1'010 bytes |
| SHA256 hash: | 0458d10f1a2c0fc453b5f3750f4868689ee84175705fcdf2732a9f36b3f5953b |
| MD5 hash: | 60adda9f9dff7d020fcc1d505fe11ac6 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | test_regexps.txt |
|---|---|
| File size: | 1'965 bytes |
| SHA256 hash: | 9ccfc3399ef9c402d99c6eb85f18eaa41164a00e81165f4b5804e5884aa78268 |
| MD5 hash: | f30bdd3038738be3245bc4c945562514 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | libbluray.dll |
|---|---|
| File size: | 410'976 bytes |
| SHA256 hash: | c47a372b84409db9db0d63a2f17af519ee82f74075caec61c6a626a137094cce |
| MD5 hash: | a87aa7013cbed231db08d6141c63bdf0 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | scintilla.dll |
|---|---|
| File size: | 632'320 bytes |
| SHA256 hash: | 76bb9249bbfd9d053ec03d0cbae2f20656e0f75b7a882b12d141cbbcf9a98153 |
| MD5 hash: | e8baaff43abf29a45e9793f1b8298fc9 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | effleurage.svg |
|---|---|
| File size: | 3'874'554 bytes |
| SHA256 hash: | fb30bba67475c5d2fd41665856911c864d4695a373f47ec3c5f33405a727dd0b |
| MD5 hash: | 6e3d59e67adf0ee53e4b42c79329673c |
| MIME type: | application/octet-stream |
| Signature | LummaStealer |
| File name: | mod_tidy_oldgo.txt |
|---|---|
| File size: | 489 bytes |
| SHA256 hash: | 4fa6c9771d1125d9436319f58bb3783be546d9ebc50107bb26a3baf1734828c7 |
| MD5 hash: | aeeb6c33ac837d0b34f2523f4aaa0e07 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | AutoUpdater.NET.dll |
|---|---|
| File size: | 323'584 bytes |
| SHA256 hash: | 7ccd83b3755141dd51163eb4e59d40e6c550505a00db6c4a1554a686bef7f0db |
| MD5 hash: | 6e8df639ec0e10c9b88f2be3d4fb1899 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | gmp_remroot.phpt |
|---|---|
| File size: | 1'708 bytes |
| SHA256 hash: | 67d268fb0e4e32d0f9ba74bcf29f7803dd215b73b124ffc454fc0fbc9be2a70d |
| MD5 hash: | b2023be5cce24dcff03ed7bbe95d4849 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | zend_list.c |
|---|---|
| File size: | 9'392 bytes |
| SHA256 hash: | 8815a5aba729e78a8f2d7be1f7f6c0cfe830572093377a0a0875241fa168a8b6 |
| MD5 hash: | 57b35a16cba80b68279eaa5316994886 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | iterator_041b.phpt |
|---|---|
| File size: | 2'354 bytes |
| SHA256 hash: | 2d14afb6307e9db77b9cd03193eac9b4d25c5e6e84767046083abae4ed52a3a9 |
| MD5 hash: | d706268ccb6185800e57973cbaea970f |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | msenvico.dll |
|---|---|
| File size: | 699'824 bytes |
| SHA256 hash: | c2a84abdf647e4a3f1671b33806f0283257627fe91c717bcd0eac14cced0b00d |
| MD5 hash: | c346dca20fb65853c5d5e0026390091a |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Portuguese.txt |
|---|---|
| File size: | 30'809 bytes |
| SHA256 hash: | 4e7ced35b26a503133d40e491cd54f4b43786b9b7bb8de8a8c8e927bd253da51 |
| MD5 hash: | fac3fc4b625d939a1cb5a246f9835473 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | largezip.phpt |
|---|---|
| File size: | 763 bytes |
| SHA256 hash: | 9cad94d310c916b3771b2147d944a7f9b9d13c169f0a87215f5b03c481df367f |
| MD5 hash: | c50b24c09a31af33c885553349c6630c |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | antiword.exe |
|---|---|
| File size: | 284'448 bytes |
| SHA256 hash: | d30a37489c64ada474d8d5aa5abb0778a6955d3ce6cdbb7c8c659e37b89d3da9 |
| MD5 hash: | ef6b844dc543365bd6825d37dbbc04da |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | example.com_retract_self_prerelease_v1.0.0.txt |
|---|---|
| File size: | 365 bytes |
| SHA256 hash: | 16719e440759ae114000e54d9e2b349aeb8b894cd8a83e08939e60c9abf5f143 |
| MD5 hash: | 8bf1dababc0b1101a5d29411d4137dbd |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | mysqli_real_escape_string_sjis.phpt |
|---|---|
| File size: | 1'390 bytes |
| SHA256 hash: | 6f62f5453b312b003a735d671143de68a7ccdff00a9a72f16d6bebd8dea63055 |
| MD5 hash: | c76bddcbd6b0d622a7e27563a156aa1e |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | System.Linq.Parallel.dll |
|---|---|
| File size: | 1'133'944 bytes |
| SHA256 hash: | d54220e3f3006c8cd667fadae6b43015414267cf0fa33f61ff4b9ac20e413e51 |
| MD5 hash: | bbd05bcbed0586f6d851c6c1faf6dce0 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | WzWXFog64.dll |
|---|---|
| File size: | 603'800 bytes |
| SHA256 hash: | 278bb90ea280f68f6c6de0015f075f86c534fcd6157d35e356c30c8eef596d5a |
| MD5 hash: | 725f8e65c74c77400adcad66c1b4bfcf |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | vendormod.txt |
|---|---|
| File size: | 2'326 bytes |
| SHA256 hash: | 8c17a7b7ea573f6c7bb1e32e64d2ea005d3c60c500684e4dfd20ca6bac3b45d3 |
| MD5 hash: | 27d2592d4a25a41a5ed3c4fbdac5fb28 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | proc_open_pipes2.phpt |
|---|---|
| File size: | 304 bytes |
| SHA256 hash: | 302c4564511d3e9f1df05c47ba607a08f2e7915cba5ee12d4a5df88e1387ff37 |
| MD5 hash: | a0656cc413926a59e9b771e398dffd87 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Rblas.dll |
|---|---|
| File size: | 274'614 bytes |
| SHA256 hash: | 412b893b85a1bf8dd30187e4d57219d03fdc46d06b4d344fbd05405c866e75f7 |
| MD5 hash: | d21e338a70dbdf9dd37ecc83e6237057 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | msg_06.txt |
|---|---|
| File size: | 1'070 bytes |
| SHA256 hash: | d13f073432749486fe695b446d3b1ab4be990d60c71db6ad36af48ec9295b271 |
| MD5 hash: | 7af82a765496b841e51844efdb4d26ed |
| MIME type: | message/rfc822 |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.TestWindow.Host.dll |
|---|---|
| File size: | 490'936 bytes |
| SHA256 hash: | a87a9089517cca4b0d8bc0ddf3d155fee06e9cdecac5b5bacf8884ab6e30b5c9 |
| MD5 hash: | bae59417b06af30fe5b433cd274db20e |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.Data.ConnectionUI.Dialog.dll |
|---|---|
| File size: | 454'080 bytes |
| SHA256 hash: | 4aaee4ea645420d12bc1759404ec8747a8516111a65b2a3ef6003751811cff19 |
| MD5 hash: | 869b733a049c0690ae062ea75b9e51de |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | winfw.dll |
|---|---|
| File size: | 499'928 bytes |
| SHA256 hash: | 2c78c8db4e7ad93e1f0cc1826e658375fc5e0e32ab670e9f088f4673cb88aab6 |
| MD5 hash: | b8c1f863a84cd08b5f87fcafade8bc7c |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | SugarSyncService.dll |
|---|---|
| File size: | 342'168 bytes |
| SHA256 hash: | 1a2e730b65f704565ac0a660586e364c3372c6bc50d9e64f320fee0eb29c248e |
| MD5 hash: | 4fe9384d5f17dc6825630c11ce84a6ca |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | bug72943.phpt |
|---|---|
| File size: | 351 bytes |
| SHA256 hash: | 588a8dbcdca93811a5b43ee99b4710d3fb4c73e796be08400ee066234b3db3e5 |
| MD5 hash: | b67860047875d6cbceab927ab8352640 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | wimax.dll |
|---|---|
| File size: | 816'128 bytes |
| SHA256 hash: | 0827ed84e02aae1b97a44901fca5300a84c0d6a9a15153b43161d24c913a2df8 |
| MD5 hash: | f95612da1e51e361caa68ae6135adbb4 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | 005_objects.phpt |
|---|---|
| File size: | 2'125 bytes |
| SHA256 hash: | 9d87ae7b4b44d1c6eff1880c75da19fb10e55b77f8c92eca297982740ce3faf2 |
| MD5 hash: | 371f8b9379cc096f31d971314ea790d0 |
| MIME type: | text/x-c++ |
| Signature | LummaStealer |
| File name: | _Repos.dll |
|---|---|
| File size: | 474'147 bytes |
| SHA256 hash: | d15dd1354ced4dbe9726fa917bbf4bcef8fab63147e20357c3c9ec8ee5d88f41 |
| MD5 hash: | e57b3351062c5cf9ee39326cdcb8731c |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | NAudio.Core.dll |
|---|---|
| File size: | 200'040 bytes |
| SHA256 hash: | 89810ce842f3c2bd0e488ef2d4eb4a4dfdd09b61b5f54105b8e29c3ea1d4594e |
| MD5 hash: | a6b458d4a2d6a7074cdd95e3b4c4a265 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | bug34643.phpt |
|---|---|
| File size: | 960 bytes |
| SHA256 hash: | f107f8c6ab6c1c755553a96f527408ca4b99b26f1e8db3410b3cb376e68c4b72 |
| MD5 hash: | 8bd6567343576a93910557adf52898e9 |
| MIME type: | text/x-c++ |
| Signature | LummaStealer |
| File name: | mb_substr_variation4.phpt |
|---|---|
| File size: | 2'623 bytes |
| SHA256 hash: | 30ac76cf505aea545df3c2aebfc28b3380a5a491f16ba4ff80714d4d56f4b2ba |
| MD5 hash: | 978cc7361b52cf1345c35517a4cd6f62 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | icuuc40.dll |
|---|---|
| File size: | 1'251'528 bytes |
| SHA256 hash: | 9d71f32fdca2295cb6a8d34babfd4d0597191108be1a7838d42114800fda8d2a |
| MD5 hash: | 30553b2a4688887fae7cb18c90a920a5 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | version_buildvcs_nested.txt |
|---|---|
| File size: | 1'673 bytes |
| SHA256 hash: | e69676aa2243ca8a25f842a1b28b696cff071afada081dae2fa63be92e5077a1 |
| MD5 hash: | cc8ecc4a8ed917f57e7c8674e2704551 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | ApplePushDirect.dll |
|---|---|
| File size: | 338'784 bytes |
| SHA256 hash: | 106beed1c918f3e12c3923a24b94eb496745e19eb8baed5453f372a6af6e9797 |
| MD5 hash: | 164bfd15b9b72d30fa41f10e74f0fa65 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | copypalette.phpt |
|---|---|
| File size: | 893 bytes |
| SHA256 hash: | f07ab7d2b17faa3593724d426f3958c761e502a5d0cf285ddd6681609b0e888e |
| MD5 hash: | ca52be48a9670cc0a37c4e9ce37972dd |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | objects_010.phpt |
|---|---|
| File size: | 182 bytes |
| SHA256 hash: | f4ce98afe047c4408e806c17cd6d1cea6416c36a93134928dfbc6d637724b87d |
| MD5 hash: | 0f44184d7e49324c0425a69790e8ad34 |
| MIME type: | text/x-c++ |
| Signature | LummaStealer |
| File name: | PsHost.dll |
|---|---|
| File size: | 235'008 bytes |
| SHA256 hash: | 6fd70cd69e75758e0ae91cbccf8ecdfff699db08105cbf4d659bcd5b9cdb4647 |
| MD5 hash: | 9349089d1c0ccedfebc7714c7fdffff9 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | git-askyesno.exe |
|---|---|
| File size: | 19'091 bytes |
| SHA256 hash: | 2a741e3434b93484cf58bf88d904b6e2f3fa30c229573a811e2d6b0e982dde65 |
| MD5 hash: | 21cd770cbf0de68f5c7090130d8c6507 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | SbieDll.dll |
|---|---|
| Pumped file | This file is pumped. MalwareBazaar has de-pumped it. |
| File size: | 851'265'690 bytes |
| SHA256 hash: | ffc45dfabf5098c89aff8409ef22f3a6738a3486932df5d3ca84ff047bc13dd3 |
| MD5 hash: | 9de68db77f52b258395ee361319d7063 |
| De-pumped file size: | 877'056 bytes (Vs. original size of 851'265'690 bytes) |
| De-pumped SHA256 hash: | f26b052feb67d280a516f80407855fcb7995e0bc21771145aaccb93a51c6324b |
| De-pumped MD5 hash: | 95565c6b8d341835760576a95e1fcc0d |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | pathinfo_basic1-win32.phpt |
|---|---|
| File size: | 10'764 bytes |
| SHA256 hash: | f45d2bf90f6950d77331fbdf344c4b46d9ff992d30cd28a951ddc23291e81fda |
| MD5 hash: | a7a933630ff99a2bc924fdbccc13e8b7 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | VssProviderStub.dll |
|---|---|
| File size: | 305'584 bytes |
| SHA256 hash: | 5f1c4a8413d77ef78d6dc18a2164bd390af3bd04d53f7d1a0b64b0e53744ae92 |
| MD5 hash: | 06dc417189b2a5abf0404e3d0b3f73e5 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | msys-iconv-2.dll |
|---|---|
| File size: | 1'082'798 bytes |
| SHA256 hash: | 9cbf5613b946be7bad403ac0d7277efbd514a35faa644c6a0d6e7f6cc0b40780 |
| MD5 hash: | 65c72577d2b76715e8465f9097b20f51 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | header_redirection_006.phpt |
|---|---|
| File size: | 278 bytes |
| SHA256 hash: | 4b0418c357ca87e14a961ece21368abdf5fc91135777d38550c5c2085799e4d3 |
| MD5 hash: | d37234c3a4700873e4a957e305f86392 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | ka.txt |
|---|---|
| File size: | 18'205 bytes |
| SHA256 hash: | b78defec49d07120b74c2172f3e07540314771b16729c6bbfc3a1902ece2eda0 |
| MD5 hash: | eb2af4dc4c28275ae1876523944d708e |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | 8859-2.txt |
|---|---|
| File size: | 10'816 bytes |
| SHA256 hash: | 5c81eca66455c5b36853c8a66495f58636643f6ddb261083d877a7f2a48287b7 |
| MD5 hash: | 9c338678a16843fd60fcd12602f767e5 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | ScreenColorLib.dll |
|---|---|
| File size: | 317'288 bytes |
| SHA256 hash: | 8a8361f1bede0a0512711cc4cd85123c032218a5e3a83e7429ca5431859439bd |
| MD5 hash: | 858d8b51df2d406ac540ce8bcc4e4cfe |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.Debugger.Parallel.resources.dll |
|---|---|
| File size: | 236'424 bytes |
| SHA256 hash: | 419b19cea63a79596df0dea44980bbca600ee0e87223806b29dce952986bc377 |
| MD5 hash: | 9ea3a61796daccda77b896a74caa5973 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Polly.dll |
|---|---|
| File size: | 276'952 bytes |
| SHA256 hash: | 22df63b07fd502f60f2cf850e29c2a7ea310375216bdb55bb963a48a2ea5a91d |
| MD5 hash: | fc7f9333ebde027cd439884348ec2f10 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | select_element.h |
|---|---|
| File size: | 689 bytes |
| SHA256 hash: | 90bb1d19ac8b6c5e6bb13b09304046ca09e41ac54d79dc81b0f80d148fe75f45 |
| MD5 hash: | 1f963171dacbe4e69f6fcd6858921f4c |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | dualiterator.inc |
|---|---|
| File size: | 5'117 bytes |
| SHA256 hash: | ff7adf25f98b806df9a69b91ac2403fb1f54a94f165157faf034477f4e855019 |
| MD5 hash: | ab01181f3ee67623326c21a6c3a9c0b3 |
| MIME type: | text/x-php |
| Signature | LummaStealer |
| File name: | bug44478.phpt |
|---|---|
| File size: | 605 bytes |
| SHA256 hash: | 75eb7eb36c5d4a15f4c7de51f9431e077130d1d172cdfd9808a2fe62e94d9a65 |
| MD5 hash: | d689a4b752d0dc90f24a4ee68ec4b84a |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | gopath_install.txt |
|---|---|
| File size: | 1'627 bytes |
| SHA256 hash: | 61192e33018db388b9a3fb52e3e79a0dbca40edb08ab9d5eb9df52b38580bf75 |
| MD5 hash: | 3525e4e6cec030e02c8db17887095f29 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | SetThreadAffinityMaskX64.exe |
|---|---|
| File size: | 1'173'040 bytes |
| SHA256 hash: | a675cf2b997bafaad13cd65e80b358b3db022cc12a55b9143d015bc81cbe72e8 |
| MD5 hash: | 80a76f81a609e6b82d039884533cb0bd |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | bug65544.phpt |
|---|---|
| File size: | 363 bytes |
| SHA256 hash: | c426329edb0e72e099d62040f5852071bf4cd4f1b1b923d96a1df03ffbebf8c2 |
| MD5 hash: | 415169b03c897594392ce078c4472fb5 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | strrpos_variation3.phpt |
|---|---|
| File size: | 885 bytes |
| SHA256 hash: | bfc0c13975df825b4f6955d838c594a4a3e504202385165ab82f2e1a12df1232 |
| MD5 hash: | b8c24c5b72d81e9be2407abb35e55219 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | GENEX_NOTE.txt |
|---|---|
| File size: | 316 bytes |
| SHA256 hash: | 43a36a6665e4c53a1ae4d158154138e459f5848b1f923968500266cee0d16568 |
| MD5 hash: | c7e15da7de87db459a3f9e3ed7fa69f8 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.ServiceHub.HostLib.dll |
|---|---|
| File size: | 256'032 bytes |
| SHA256 hash: | b147759b4e67f6086337fa7ef96b2f5dc971b5d96fc8f8cf438b6e7e72282dac |
| MD5 hash: | fd8286c40dff72e4d07e60953deabc35 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Bib.dll |
|---|---|
| File size: | 430'280 bytes |
| SHA256 hash: | 6e4f37a1fe2832ea777b453c0ba8c56fd4e45ae69246636e8502cae964906059 |
| MD5 hash: | 39f460c49bd35e4a0177dcf54f1a8710 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | file_put_contents_variation8-win32.phpt |
|---|---|
| File size: | 2'046 bytes |
| SHA256 hash: | d62d890d42311b3344453d16a258062ee4edad32a5777366fb90796ed442be0d |
| MD5 hash: | a941d7e400d250b2cfd9f563a7df0946 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | pdo_001.phpt |
|---|---|
| File size: | 1'176 bytes |
| SHA256 hash: | 4762b24792f2b3a3043132f71147374fcdce5394949775688d206bdd786eee36 |
| MD5 hash: | 9f76c5f83c9184fcd9825cec6dfdd919 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | printf_error.phpt |
|---|---|
| File size: | 1'964 bytes |
| SHA256 hash: | 0a3e2add5558ac2ac4018494654e31c66466b9b134bd71ac9af69aaf924aeed6 |
| MD5 hash: | 5da0a72164a634e1820ad9e158dc78ca |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | splfixedarray_offsetExists_larger.phpt |
|---|---|
| File size: | 268 bytes |
| SHA256 hash: | 5355ede40c65841f8475b6849079ef45238bb9e95817f22bdc13d7a4eec8e59e |
| MD5 hash: | 0adc682b61a98ecb1932669f1bd9aec0 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | bcmul_check_overflow.phpt |
|---|---|
| File size: | 616 bytes |
| SHA256 hash: | 5247570e31b30ae80542986c9c0950e2520f69c60fe327aa7eeaca0ce16de71a |
| MD5 hash: | a17d51df7f4181a5f658a5e4c02a265b |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.WebTools.Azure.Client.dll |
|---|---|
| File size: | 1'319'352 bytes |
| SHA256 hash: | 184d32a45b9c9379fa8db5770c272b43ab5a87f67759166fff84f2b054a9a14e |
| MD5 hash: | 6d5937c2c8585285c0c8d12d5829750a |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | README_te.txt |
|---|---|
| File size: | 884 bytes |
| SHA256 hash: | 20c311f57374a8734d48426cca56e3a132daf65c3d01925f04cacf62ed82ffcf |
| MD5 hash: | 0c041dcb1d9bb1c91548c46b484be783 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.DesignTools.DesignerContract.dll |
|---|---|
| File size: | 389'568 bytes |
| SHA256 hash: | 5e5d74465ae49d48c08292e3f729f76249cafc061f2d99a1e00d623724b3aee6 |
| MD5 hash: | 6a42c872e8af25003ba57acae50c13be |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | DOMDocumentType_basic_001.phpt |
|---|---|
| File size: | 1'471 bytes |
| SHA256 hash: | e940e07f3cc41265f66ea84bed15a1ea32b6402fd4a70ab26f6c4f281adf469a |
| MD5 hash: | 28a55fec69f97b6db18c932f1cf5fd21 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | libnghttp2-14.dll |
|---|---|
| File size: | 212'367 bytes |
| SHA256 hash: | fe62132c79637f137e988b560cf756fe40ceba4974c004ef6ec2c63c0ccdaf7b |
| MD5 hash: | 623fc5f3ee3511d9e7a98210e352d895 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | InfO.gif |
|---|---|
| File size: | 98'430 bytes |
| SHA256 hash: | d1be11f08a3b49ce99b5336881b61febab1dd206b7386e4bd30dc760a918ada0 |
| MD5 hash: | 2f20f278990d7d43e8a4b99b2abcf2e1 |
| MIME type: | image/gif |
| Signature | LummaStealer |
| File name: | odbc_num_rows_001.phpt |
|---|---|
| File size: | 715 bytes |
| SHA256 hash: | f7be4741b92c2819fe68fd0d72698e80774034183884236dd3b603f10fe54b8f |
| MD5 hash: | f9963844bb4093302bb3174fe07cb73b |
| MIME type: | text/x-ruby |
| Signature | LummaStealer |
| File name: | shmetapdb.dll |
|---|---|
| File size: | 307'640 bytes |
| SHA256 hash: | 304f1398c3da8cd03aa88f792507caacd07e7967d6262b440b38e1dbdc271cdb |
| MD5 hash: | 15989fc1a1caa6ab7a9692a811a2bf0d |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | kpasswd.exe |
|---|---|
| File size: | 18'512 bytes |
| SHA256 hash: | 6fd2e405604d74bf065ccab3dadc760cc5446f65bf0279c2e91f73ef845a7406 |
| MD5 hash: | 712c02426e85bf81e0c0d9cd9aa551e6 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.TeamFoundation.Build.Workflow.dll |
|---|---|
| File size: | 981'904 bytes |
| SHA256 hash: | 40aec879369e7acb4968e809bff2ff51c9f079c7487e311c5a0858acac3aa727 |
| MD5 hash: | 568bf2073a37fd8971f8c23dad84fbd1 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | libopenvpn_plap.dll |
|---|---|
| File size: | 941'344 bytes |
| SHA256 hash: | 1536b354f4d27a2dd541b4515901ab29d583f8a85e7127a845c7d0c78c856873 |
| MD5 hash: | 13f5de988ee972b356a8ae2476e8ac02 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | PkgdefMgmt.dll |
|---|---|
| File size: | 450'096 bytes |
| SHA256 hash: | 3a50f6991d25ef7a2a1e2fa6922d68198df3b9b14260f199caf9ddead98e7eba |
| MD5 hash: | ae0de67a127b0f1ae217c6f0a6283896 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | help.zh_CN.txt |
|---|---|
| File size: | 7'071 bytes |
| SHA256 hash: | 7bc19422e1c5031a034042ea6e6b8d5ec81857ff9ee4605e505a40105227f90e |
| MD5 hash: | 32711126514e9b5d9263a69ffd99349f |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.WebTools.PackageManagement.dll |
|---|---|
| File size: | 353'208 bytes |
| SHA256 hash: | b32c8146c933d7e839bdf1d6f0a040e133a8a5ad0a40bb2bb0349a47929ab448 |
| MD5 hash: | 2a2791a368d680cfb967895aeb6c973b |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | throwing_error_handler_002.phpt |
|---|---|
| File size: | 455 bytes |
| SHA256 hash: | 7428def49ba6ba5d68b6b2567b51a75cee408e0bef4f326678b0c222f0ab82e6 |
| MD5 hash: | 363346a7b8a426d21a4c590679d93df4 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | asprlib.dll |
|---|---|
| File size: | 616'512 bytes |
| SHA256 hash: | 584c5df0cd394d8e29f1e4fa7e55597fceb3c0602d6928379d12bba7be7c5394 |
| MD5 hash: | f9a5ee32c4ed7fe0c4f3a19cfd34778b |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | profile08.phpt |
|---|---|
| File size: | 381 bytes |
| SHA256 hash: | 675319a655eb4b3efe14a9c74ba2bfb2b73563d958d064733366f0dc77cae79e |
| MD5 hash: | 1796c881aa2b4045c0f28c99f800c56b |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Rar.txt |
|---|---|
| File size: | 111'623 bytes |
| SHA256 hash: | 59334a8ffff612755a64a912389bc23fbc35933cf209f845bde34f055011b8a6 |
| MD5 hash: | b689a0cb8c288849febffafc2144576b |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.TeamFoundation.TestManagement.Controls.dll |
|---|---|
| File size: | 428'976 bytes |
| SHA256 hash: | 601da1fb9e0f50008da68fead63e1ae13da9dad08088a580b6220ff7dad31687 |
| MD5 hash: | 5dde77788a35ddc1a86f6f3586c7ce6c |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | cpfecl.arm64.dll |
|---|---|
| File size: | 410'040 bytes |
| SHA256 hash: | f34c6f78ce15de11939e5e366e1b6a0e76d74b39659089ae576617a098e60d88 |
| MD5 hash: | a7d8c15351c35fec7b4ba1e908dcff73 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | pgsql_driver.stub.php |
|---|---|
| File size: | 1'602 bytes |
| SHA256 hash: | 38a53de1f86f885faa8a76ac2aed659b3c3488b1a4757067933a540a2e50584f |
| MD5 hash: | a077cc0d6ec02a011a70edc53835b59b |
| MIME type: | text/x-php |
| Signature | LummaStealer |
| File name: | libgail.dll |
|---|---|
| File size: | 310'556 bytes |
| SHA256 hash: | fe7b7322fcc5055d02d14a31635a8bd69f784795652677ab63c1f54761a3100d |
| MD5 hash: | 75fbe523a6b93fa5a46b986e99da08a4 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | variadic_argument_type_error.phpt |
|---|---|
| File size: | 497 bytes |
| SHA256 hash: | f5f2092a108e0f9e79f8f72f8f8629cc48969412ce9ce9d036274bda541dea01 |
| MD5 hash: | 2ab6392f127e4575525c4e4edf3335ba |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | libjpeg-8.dll |
|---|---|
| File size: | 235'998 bytes |
| SHA256 hash: | 75f63a0c76204b23ff48b6205bcc5c757cbf5489f9642a9ca1138c25fe1f0f6c |
| MD5 hash: | a7a9b7fd04eb848687f33a28dd56b576 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | oo_supported.phpt |
|---|---|
| File size: | 1'434 bytes |
| SHA256 hash: | 1bf7936e9b5e87f511becff403a932b532740139abbb8045308bb16f44d31bf6 |
| MD5 hash: | f7ad24ac899518481cc0d8ad1d887e7c |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | array_sum_objects_operation_no_cast.phpt |
|---|---|
| File size: | 716 bytes |
| SHA256 hash: | 0fdcbdfbc9e9bd0de1bf36ceffc0e8feb8449dffe1744f1661463ee61509b262 |
| MD5 hash: | 18c31a2a12cf88fe5d89c256c2b83474 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.WebTools.Languages.LanguageServer.Server.dll |
|---|---|
| File size: | 201'144 bytes |
| SHA256 hash: | eb350a21216f59e567d890a9b9c83775463f117081f664a68bb9fce85318a913 |
| MD5 hash: | ab94520f5cabd24676769b0bab87c0db |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | crypt_blowfish.c |
|---|---|
| File size: | 31'352 bytes |
| SHA256 hash: | f3f115c759bf08bdb7f41a47fd8afdd7985ee51227298caa72530ffb14c10e94 |
| MD5 hash: | 84adc2d8c7f2dbf2bc724cce359d3433 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.ProjectSystem.Managed.dll |
|---|---|
| File size: | 1'345'400 bytes |
| SHA256 hash: | c96e7912cb70d44f44f9944fa31ac92ff88a594cf6f411faf2d227c0c542f585 |
| MD5 hash: | d9d662b0206d80ef6d4de5527dd02af2 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.Pex.Framework.dll |
|---|---|
| File size: | 634'760 bytes |
| SHA256 hash: | ed30b279a155fda6d605790e7eb7e0f590a36ab40138254d2ea6d77e590e0505 |
| MD5 hash: | c4e9bcc08a25904e1cdd44d70c62f17c |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | msg_15.txt |
|---|---|
| File size: | 1'448 bytes |
| SHA256 hash: | 1669275ec677b4567ca6c0e80b6cebd0e34f8aabbd1418eec633c7f8ddb5e388 |
| MD5 hash: | a63ee84abd2909d5b80a81322a767206 |
| MIME type: | message/rfc822 |
| Signature | LummaStealer |
| File name: | scanf.c |
|---|---|
| File size: | 28'994 bytes |
| SHA256 hash: | 03e5c784522c25e2e12e4d76d698c4cffb3d9fb1e7769ac1fe6244c0fed1954d |
| MD5 hash: | 8d5b2370f01ce560bef0441a13411d84 |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | friedcake.mkv |
|---|---|
| File size: | 58'486 bytes |
| SHA256 hash: | 94dd5c2cb6de175c30fb4aadc0cb50f6be26a7f16a94fd5a0cc636a6716503c2 |
| MD5 hash: | 6a58dc29178394ad20cc2294a7d21005 |
| MIME type: | application/octet-stream |
| Signature | LummaStealer |
| File name: | AdobeXMP.dll |
|---|---|
| File size: | 980'168 bytes |
| SHA256 hash: | f6e584a509a991c3eb11a8d49b705def6bd43761a4b603a2b3b3703fad179a30 |
| MD5 hash: | e4599a47906608651c920f535fccb359 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | libxml2.dll |
|---|---|
| File size: | 1'323'360 bytes |
| SHA256 hash: | eebbf1b5c33d21ae221e3d6f902007efa0cc996f8863c2a0e7a83bfa4b3a22d5 |
| MD5 hash: | 1c2db5ca911f7c4a688fa062d6535cf0 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.SqlServer.Management.ServiceManagement.dll |
|---|---|
| File size: | 313'744 bytes |
| SHA256 hash: | 0e5a6a4d826ca4b32823c8a14688e6737218e99fdb81245593e8f32d2491eaa9 |
| MD5 hash: | 4835b2626702e3619827cc6a29dfb952 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | zend_system_id.c |
|---|---|
| File size: | 3'330 bytes |
| SHA256 hash: | a606ad493ed2143d2b108c9b8bf7b0f467c828be26403e232a4d50887c69eed2 |
| MD5 hash: | 3b0f54e8e5a04d7e5d9e00efce9cc72d |
| MIME type: | text/x-c |
| Signature | LummaStealer |
| File name: | P303LocalUpdate.exe |
|---|---|
| File size: | 40'768 bytes |
| SHA256 hash: | dc590d9698d2be12a0d73c73d76d074c8bf2303c5323291cc7905dcf7baba040 |
| MD5 hash: | dd6709606f7808baa71609dd20a2d47d |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.ErrorListPkg.dll |
|---|---|
| File size: | 465'840 bytes |
| SHA256 hash: | 9dc36a6660c950524d4d32f0e4d3e0d4bda680c0b6301fa7b2f3f2b70e38340b |
| MD5 hash: | 1f717a2fc767eb7b51ee3140c28ec1ef |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | os_qnx.txt |
|---|---|
| File size: | 4'071 bytes |
| SHA256 hash: | 93399033dc7758f0a78d97d806184796e71fa41e01de4e8b366bf1446c95bebf |
| MD5 hash: | 46cebd3b85231b19ab551552bdce51a7 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | 031.phpt |
|---|---|
| File size: | 565 bytes |
| SHA256 hash: | 5e77b8f2dfaadebaf41a3051f99edbca27e80fff9853116a96d3e5913397570c |
| MD5 hash: | 03744b04fa52a70b8fd2cb07cdc31246 |
| MIME type: | text/plain |
| Signature | LummaStealer |
| File name: | Microsoft.VisualStudio.TextMate.Core.dll |
|---|---|
| File size: | 302'608 bytes |
| SHA256 hash: | 3e43c93461928c06f924a345cbaeaca1a1350d351518d26cb595b322a160733a |
| MD5 hash: | 9d0497323dd3e8ffd596a33fa1152607 |
| MIME type: | application/x-dosexec |
| Signature | LummaStealer |
| File name: | read.it.zip |
|---|---|
| File size: | 5'982'856 bytes |
| SHA256 hash: | 2ab2ddfaa0574b156762855c4287d9df618db180709b9b51b4949b03828a0ffe |
| MD5 hash: | f15fa0ecf50d8e43682606dd1e2a7b31 |
| MIME type: | application/zip |
| Signature | LummaStealer |
Vendor Threat Intelligence
Verdict:
Malicious
Score:
91.7%
Tags:
ransomware infosteal extens sage
Result
Verdict:
UNKNOWN
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
YARA Signatures
MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.
| Rule name: | Check_Dlls |
|---|
| Rule name: | DebuggerCheck__API |
|---|---|
| Reference: | https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara |
| Rule name: | DebuggerCheck__QueryInfo |
|---|---|
| Reference: | https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara |
| Rule name: | DebuggerHiding__Thread |
|---|---|
| Reference: | https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara |
| Rule name: | Sus_Obf_Enc_Spoof_Hide_PE |
|---|---|
| Author: | XiAnzheng |
| Description: | Check for Overlay, Obfuscating, Encrypting, Spoofing, Hiding, or Entropy Technique(can create FP) |
| Rule name: | ThreadControl__Context |
|---|---|
| Reference: | https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara |
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
LummaStealer
7z fdd0de08cbe1977e557fb86244b55f8f764d3196f449c27f78a8c868ea73a791
(this sample)
exe Delivery method
Distributed via web download
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.