Overview

overview

10

Static

static

usfive_202...53.exe

windows7_x64

10

usfive_202...53.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    usfive_20210721-104153

  • Size

    3KB

  • Sample

    210721-5866m5fwhe

  • MD5

    876cfa83c871bc2271cf0a6edfa83ca6

  • SHA1

    8167442ce336011ce497bbe979fb8ece5a8d3a91

  • SHA256

    2828e711f09ecf56ea9f8125361c7aa9301787d35eac993c1de86e24acfee49c

  • SHA512

    c56641934d1ecafa9f2483d4daeb4dbb0b38b1636e34aee0380d4daf537bfdf09509bb79de8e9657efc614dd03e8ca3fc37652d7a1cd8be34565948d16be4fbd

Score
10/10
lu0botdiscoverystealertrojan

Malware Config

Targets

    • Target

      usfive_20210721-104153

    • Size

      3KB

    • MD5

      876cfa83c871bc2271cf0a6edfa83ca6

    • SHA1

      8167442ce336011ce497bbe979fb8ece5a8d3a91

    • SHA256

      2828e711f09ecf56ea9f8125361c7aa9301787d35eac993c1de86e24acfee49c

    • SHA512

      c56641934d1ecafa9f2483d4daeb4dbb0b38b1636e34aee0380d4daf537bfdf09509bb79de8e9657efc614dd03e8ca3fc37652d7a1cd8be34565948d16be4fbd

    Score
    10/10
    lu0botdiscoverystealertrojan

    • Lu0bot

      Lu0bot is a lightweight infostealer written in NodeJS.

      trojanstealerlu0bot

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks