This week we have been working through a maintenance sprint focused on improving core services in UnpacMe. We have also updated several malware configuration extractors, such as Azorult and AsyncRAT, and added new extractors for LummaStealer and Remcos.
LummaStealer was first observed in the wild (ITW) in August of 2022. The stealer contains functionality commonly observed in other similar malware families, such as the targeting of cryptocurrency wallets and browser data.
An example of the extracted LummaStealer configuration is shown below.
An example of the extracted Remcos configuration is shown below.
As always, if you have any feedback or issues please let us know.