General

  • Target

    a2e5e2051fda36150b9c28d797df1ba2917c0c5f4279419efa8902890748b347

  • Size

    313KB

  • Sample

    210228-52gv4rvgbs

  • MD5

    298b03aacf618a8010c3db5b420627ae

  • SHA1

    1668cfd05ca70d5acc1174c18d673c529fce402f

  • SHA256

    a2e5e2051fda36150b9c28d797df1ba2917c0c5f4279419efa8902890748b347

  • SHA512

    6bde1e09d0599c4bc2e9b91880499bc00dec4fe37b32348c66973522116e664fb197c562aaa1e3becdc425a85b01128f298d92cd6f9898c8c059c6c16d13fe45

Targets

    • Luminosity

      Luminosity is a RAT family that was sold commercially while being marketed as a system administration utility.

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
