lu0bot | 4c31eccb460bef397e6100e1ecd85c3a2b823b893a9a9add4bb83fde8f9b122b | Triage

Submit
Reports

Overview

overview

Static

static

usfive_202...21.exe

windows7_x64

usfive_202...21.exe

windows10_x64

Sharing

General

Target

usfive_20210819-215421
Size

2KB
Sample

210819-hsk68crzej
MD5

3e06325ec38f23fd8f26216641963d44
SHA1

ebbc18e69b89136ca4ea7cbd2bcd801aa4fbfb73
SHA256

4c31eccb460bef397e6100e1ecd85c3a2b823b893a9a9add4bb83fde8f9b122b
SHA512

f2e6fbcfca6733b9b7aac9f5bd3c41899dd1a6b3a1ee9caff1bc3274c307fc84565e74b88af87e107507ba813e2994d943fca8b2cdee15348567fa0720e238f2

Score

10^/10

lu0bot discovery stealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

usfive_20210819-215421.exe

Resource

win7v20210408

lu0bot discovery stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

usfive_20210819-215421.exe

Resource

win10v20210410

lu0bot discovery stealer suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  usfive_20210819-215421
- Size
  
  2KB
- MD5
  
  3e06325ec38f23fd8f26216641963d44
- SHA1
  
  ebbc18e69b89136ca4ea7cbd2bcd801aa4fbfb73
- SHA256
  
  4c31eccb460bef397e6100e1ecd85c3a2b823b893a9a9add4bb83fde8f9b122b
- SHA512
  
  f2e6fbcfca6733b9b7aac9f5bd3c41899dd1a6b3a1ee9caff1bc3274c307fc84565e74b88af87e107507ba813e2994d943fca8b2cdee15348567fa0720e238f2
Score

10^/10

lu0bot discovery stealer suricata trojan
- Lu0bot
  Lu0bot is a lightweight infostealer written in NodeJS.
  trojan stealer lu0bot
- suricata: ET MALWARE lu0bot Loader HTTP Request
  suricata: ET MALWARE lu0bot Loader HTTP Request
  suricata
- suricata: ET MALWARE lu0bot Loader HTTP Response
  suricata: ET MALWARE lu0bot Loader HTTP Response
  suricata
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Permissions Modification

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Query Registry

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lu0botdiscoverystealersuricatatrojan

behavioral2

lu0botdiscoverystealersuricatatrojan

© 2018-2024

Terms | Privacy