Overview

overview

10

Static

static

33f6daf3ee...58.vbs

windows7_x64

10

33f6daf3ee...58.vbs

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    33f6daf3ee3b851800b5928b41fc208ac915d5ec2ffb3ebe13490c474c6cef58

  • Size

    24KB

  • Sample

    220128-1htl1aefd2

  • MD5

    2e98d98e8a55a16ad16cdc1130e5d729

  • SHA1

    84bce822d684af2425115292ae930dea77e8a5b0

  • SHA256

    33f6daf3ee3b851800b5928b41fc208ac915d5ec2ffb3ebe13490c474c6cef58

  • SHA512

    e6662e8120b5d148a3f6a68c6c5045c17fa40400b90461e9c4ec2e2870e3ee1e6e4caf356af6e6758c165b335a4672e3324929658fb0853ca70c375183a9cc3d

Score
10/10
lampionbankertrojan

Malware Config

Targets

    • Target

      33f6daf3ee3b851800b5928b41fc208ac915d5ec2ffb3ebe13490c474c6cef58

    • Size

      24KB

    • MD5

      2e98d98e8a55a16ad16cdc1130e5d729

    • SHA1

      84bce822d684af2425115292ae930dea77e8a5b0

    • SHA256

      33f6daf3ee3b851800b5928b41fc208ac915d5ec2ffb3ebe13490c474c6cef58

    • SHA512

      e6662e8120b5d148a3f6a68c6c5045c17fa40400b90461e9c4ec2e2870e3ee1e6e4caf356af6e6758c165b335a4672e3324929658fb0853ca70c375183a9cc3d

    Score
    10/10
    lampionbankertrojan

    • Lampion

      Lampion is a banking trojan, targeting Portuguese speaking countries.

      trojanbankerlampion

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks