lu0bot | 0297bbb0f00b3f591894ebcf042f2c6b0ed52e6662def1a9dbca0f8d20133cee | Triage

Submit
Reports

Overview

overview

Static

static

usfive_202...56.exe

windows7_x64

usfive_202...56.exe

windows10_x64

Sharing

General

Target

usfive_20210818-031956
Size

2KB
Sample

210818-dd58xx2gsa
MD5

4a6ac8d48c9793c0c852a6ac93ba2002
SHA1

cdc7a9cf8ee36099c823779ac2dd8ffe3a84d723
SHA256

0297bbb0f00b3f591894ebcf042f2c6b0ed52e6662def1a9dbca0f8d20133cee
SHA512

3aacced9817519ae31ed2bc4cf4063b2eb0a1c9e9addbcb9e08b3431f519ca0a8a6a8962e1039835a48e50cb52cd08d21cad642a66822c288d2b0a88541c361e

Score

10^/10

lu0bot discovery stealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

usfive_20210818-031956.exe

Resource

win7v20210410

lu0bot discovery stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

usfive_20210818-031956.exe

Resource

win10v20210410

lu0bot discovery stealer suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  usfive_20210818-031956
- Size
  
  2KB
- MD5
  
  4a6ac8d48c9793c0c852a6ac93ba2002
- SHA1
  
  cdc7a9cf8ee36099c823779ac2dd8ffe3a84d723
- SHA256
  
  0297bbb0f00b3f591894ebcf042f2c6b0ed52e6662def1a9dbca0f8d20133cee
- SHA512
  
  3aacced9817519ae31ed2bc4cf4063b2eb0a1c9e9addbcb9e08b3431f519ca0a8a6a8962e1039835a48e50cb52cd08d21cad642a66822c288d2b0a88541c361e
Score

10^/10

lu0bot discovery stealer suricata trojan
- Lu0bot
  Lu0bot is a lightweight infostealer written in NodeJS.
  trojan stealer lu0bot
- suricata: ET MALWARE lu0bot Loader HTTP Request
  suricata: ET MALWARE lu0bot Loader HTTP Request
  suricata
- suricata: ET MALWARE lu0bot Loader HTTP Response
  suricata: ET MALWARE lu0bot Loader HTTP Response
  suricata
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Permissions Modification

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Query Registry

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lu0botdiscoverystealersuricatatrojan

behavioral2

lu0botdiscoverystealersuricatatrojan

© 2018-2024

Terms | Privacy