lampion | 418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047 | Triage

Sharing

General

Target

418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047
Size

13KB
Sample

220128-z88yyaeda6
MD5

3350e74a4cfa020f9b256194eae25c12
SHA1

7f5960ff9feff30d2f4a4c1598dd22632ceea0cb
SHA256

418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047
SHA512

0e880c29ebfd77bfd17713b1fef3f8d6177c6d34d456bf74150d48c6ce9b608fb654410fb724f6e04343abe5716b839c693bca66feb904b49569a11cf696b7fb

Score

10^/10

lampion banker trojan

Malware Config

Targets

- Target
  
  418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047
- Size
  
  13KB
- MD5
  
  3350e74a4cfa020f9b256194eae25c12
- SHA1
  
  7f5960ff9feff30d2f4a4c1598dd22632ceea0cb
- SHA256
  
  418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047
- SHA512
  
  0e880c29ebfd77bfd17713b1fef3f8d6177c6d34d456bf74150d48c6ce9b608fb654410fb724f6e04343abe5716b839c693bca66feb904b49569a11cf696b7fb
Score

10^/10

lampion banker trojan
- Lampion
  Lampion is a banking trojan, targeting Portuguese speaking countries.
  trojan banker lampion
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lampionbankertrojan

behavioral2

lampionbankertrojan