General

  • Target

    usfive_20210818-031956

  • Size

    2KB

  • Sample

    210818-dd58xx2gsa

  • MD5

    4a6ac8d48c9793c0c852a6ac93ba2002

  • SHA1

    cdc7a9cf8ee36099c823779ac2dd8ffe3a84d723

  • SHA256

    0297bbb0f00b3f591894ebcf042f2c6b0ed52e6662def1a9dbca0f8d20133cee

  • SHA512

    3aacced9817519ae31ed2bc4cf4063b2eb0a1c9e9addbcb9e08b3431f519ca0a8a6a8962e1039835a48e50cb52cd08d21cad642a66822c288d2b0a88541c361e

Targets

    • Lu0bot

      Lu0bot is a lightweight infostealer written in NodeJS.

    • suricata: ET MALWARE lu0bot Loader HTTP Request

    • suricata: ET MALWARE lu0bot Loader HTTP Response

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions
