lu0bot

Resubmissions

08-07-2021 17:16

210708-gb6jgck9tn 10

30-06-2021 09:49

210630-xqqb1qk7ax 10

Sharing

Copy URL

Twitter E-mail

General

Target

usfive_20210630-104612
Size

3KB
Sample

210708-gb6jgck9tn
MD5

79fa77b796300ef5bafb6bcee46fc30f
SHA1

e6ba2132d8058c0532492da00aaec117fff56df4
SHA256

4c99457625e752a03693aab64e2b5129eff89872c649194e81bd87809ed1ae13
SHA512

0ae044695cffc50eb1c112ee85e37d0e0c9779c4f6bbbbabb6cd85771ac408414dfd3f804f8175fb56a6d995b259f830cbd6f2380cecb08975955e63f0204faf

Score

10^/10

Malware Config

Targets

- Target
  
  usfive_20210630-104612
- Size
  
  3KB
- MD5
  
  79fa77b796300ef5bafb6bcee46fc30f
- SHA1
  
  e6ba2132d8058c0532492da00aaec117fff56df4
- SHA256
  
  4c99457625e752a03693aab64e2b5129eff89872c649194e81bd87809ed1ae13
- SHA512
  
  0ae044695cffc50eb1c112ee85e37d0e0c9779c4f6bbbbabb6cd85771ac408414dfd3f804f8175fb56a6d995b259f830cbd6f2380cecb08975955e63f0204faf
Score

10^/10

lu0bot discovery stealer trojan
- Lu0bot
  Lu0bot is a lightweight infostealer written in NodeJS.
  trojan stealer lu0bot
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

T1059

Persistence

Hidden Files and Directories

T1158

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Hidden Files and Directories

T1158

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2