Overview

overview

10

Static

static

348e3fd080...81.vbs

windows7_x64

10

348e3fd080...81.vbs

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    348e3fd080c8002b826be2577ffa3bc64f263aa779c9f8ff88e4642c294c4381

  • Size

    13KB

  • Sample

    220128-1heg3sefb9

  • MD5

    4aed0075ccb90c72dfd7b6ae3edc2d62

  • SHA1

    9946084ede7c2017b98ffae193513a5b4fca4b9d

  • SHA256

    348e3fd080c8002b826be2577ffa3bc64f263aa779c9f8ff88e4642c294c4381

  • SHA512

    26a5b91fc1b0d2914f50c478240cc79391ba33c299e77f2cf7c9eac7d8dcae3ce6cca7ea474cb91050942ab207acbfb74180419952ebf23a2aef9416e2303967

Score
10/10
lampionbankertrojan

Malware Config

Targets

    • Target

      348e3fd080c8002b826be2577ffa3bc64f263aa779c9f8ff88e4642c294c4381

    • Size

      13KB

    • MD5

      4aed0075ccb90c72dfd7b6ae3edc2d62

    • SHA1

      9946084ede7c2017b98ffae193513a5b4fca4b9d

    • SHA256

      348e3fd080c8002b826be2577ffa3bc64f263aa779c9f8ff88e4642c294c4381

    • SHA512

      26a5b91fc1b0d2914f50c478240cc79391ba33c299e77f2cf7c9eac7d8dcae3ce6cca7ea474cb91050942ab207acbfb74180419952ebf23a2aef9416e2303967

    Score
    10/10
    lampionbankertrojan

    • Lampion

      Lampion is a banking trojan, targeting Portuguese speaking countries.

      trojanbankerlampion

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks