lampion | 07f5932be35a720a74fc10e7ee6011fa2a8ee4c6df7cf9a6f06bfdc7bd5ec4a1 | Triage

Sharing

General

Target

07f5932be35a720a74fc10e7ee6011fa2a8ee4c6df7cf9a6f06bfdc7bd5ec4a1
Size

22KB
Sample

220128-2hj81afff2
MD5

6d5196d8d9cd129b0f257f07ede9e6ab
SHA1

14095c55c59db1f8bc00de1781a6641bf2657d65
SHA256

07f5932be35a720a74fc10e7ee6011fa2a8ee4c6df7cf9a6f06bfdc7bd5ec4a1
SHA512

4dc375ebb0a26d1b92ecad9611098e425b9a02c0bf95bf4271ae88e1a931091ca6ed8f088a728affa2d59935e1243c5ed9263bb059d0fa6609e507e6d1b2f004

Score

10^/10

lampion banker trojan

Malware Config

Targets

- Target
  
  07f5932be35a720a74fc10e7ee6011fa2a8ee4c6df7cf9a6f06bfdc7bd5ec4a1
- Size
  
  22KB
- MD5
  
  6d5196d8d9cd129b0f257f07ede9e6ab
- SHA1
  
  14095c55c59db1f8bc00de1781a6641bf2657d65
- SHA256
  
  07f5932be35a720a74fc10e7ee6011fa2a8ee4c6df7cf9a6f06bfdc7bd5ec4a1
- SHA512
  
  4dc375ebb0a26d1b92ecad9611098e425b9a02c0bf95bf4271ae88e1a931091ca6ed8f088a728affa2d59935e1243c5ed9263bb059d0fa6609e507e6d1b2f004
Score

10^/10

lampion banker trojan
- Lampion
  Lampion is a banking trojan, targeting Portuguese speaking countries.
  trojan banker lampion
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lampionbankertrojan

behavioral2

lampionbankertrojan