Overview

overview

10

Static

static

usfive_20210629.exe

windows7_x64

10

usfive_20210629.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    usfive_20210629

  • Size

    2KB

  • Sample

    210629-mgk91xw8e2

  • MD5

    09353c5898ccf513210a58fb9bb369e7

  • SHA1

    bb664adcc58466a0b158651a9e4216dbfd08607b

  • SHA256

    28918d35a5f4103695d04817fd2ac7de977d316a0cc94dad3b3f124f030686bc

  • SHA512

    0cd0a4f8b38b92d9bf46f2e068ce99917a7835b8bcb4a9ec4b0d3e7d570f34f48252e4e82df5f1fffc075aa82ae9c3eaab0e4e943de56f5003c97efd78c44e15

Score
10/10
lu0botdiscoverystealertrojan

Malware Config

Targets

    • Target

      usfive_20210629

    • Size

      2KB

    • MD5

      09353c5898ccf513210a58fb9bb369e7

    • SHA1

      bb664adcc58466a0b158651a9e4216dbfd08607b

    • SHA256

      28918d35a5f4103695d04817fd2ac7de977d316a0cc94dad3b3f124f030686bc

    • SHA512

      0cd0a4f8b38b92d9bf46f2e068ce99917a7835b8bcb4a9ec4b0d3e7d570f34f48252e4e82df5f1fffc075aa82ae9c3eaab0e4e943de56f5003c97efd78c44e15

    Score
    10/10
    lu0botdiscoverystealertrojan

    • Lu0bot

      Lu0bot is a lightweight infostealer written in NodeJS.

      trojanstealerlu0bot

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks