General

  • Target

    a46470252300473bd2f6b703c07323fe567557c6195d392d7273ea981c95dd69

  • Size

    2.0MB

  • Sample

    220328-x6v8yseac5

  • MD5

    aa2029141de945ce6e875597eab77db7

  • SHA1

    8a67d1126de4280741a24a65c1a81a631e036fbc

  • SHA256

    a46470252300473bd2f6b703c07323fe567557c6195d392d7273ea981c95dd69

  • SHA512

    fb9ea5b20b2ee22caaff999e07fc77d7e197db9e3e898638f083e4ddb4b53a1a0b3d6ed3c8925dffb7c96435ceb1352a89f265f0b38ebad0a4f52d892d9b91c2

Score
10/10

Targets

    • Luminosity

      Luminosity is a RAT family that was sold commercially while being marketed as a system administration utility.

    • Executes dropped EXE

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
