lampion | 2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8 | Triage

Submit
Reports

Overview

overview

Static

static

2298b7ee6a...a8.vbs

windows7_x64

2298b7ee6a...a8.vbs

windows10_x64

8

Sharing

General

Target

2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8
Size

20KB
Sample

220128-1xwpxafaf4
MD5

591a3ed820a2528a2e382e7d08aba957
SHA1

d1cb1ccc7ebabdb8ba1575eee9b7f9e546664763
SHA256

2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8
SHA512

010a8e54da686d211354879ea6d9d020a9ca4403592242c9d85dc9447ffb474ded90b5ab0d0f782250838fa3c6885b2693b19fc737b5e5d94b0c66f296b27a10

Score

10^/10

lampion banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8.vbs

Resource

win7-en-20211208

lampion banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8.vbs

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8
- Size
  
  20KB
- MD5
  
  591a3ed820a2528a2e382e7d08aba957
- SHA1
  
  d1cb1ccc7ebabdb8ba1575eee9b7f9e546664763
- SHA256
  
  2298b7ee6aeb19cd6c9e2f3ae6377e1cf5aab0d2d3f3102d4d51683c79a91da8
- SHA512
  
  010a8e54da686d211354879ea6d9d020a9ca4403592242c9d85dc9447ffb474ded90b5ab0d0f782250838fa3c6885b2693b19fc737b5e5d94b0c66f296b27a10
Score

10^/10

lampion banker trojan
- Lampion
  Lampion is a banking trojan, targeting Portuguese speaking countries.
  trojan banker lampion
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lampionbankertrojan

behavioral2

© 2018-2024

Terms | Privacy