lampion | 6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857 | Triage

Submit
Reports

Overview

overview

Static

static

6be47a0e90...57.vbs

windows7_x64

6be47a0e90...57.vbs

windows10-2004_x64

8

Sharing

General

Target

6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857
Size

24KB
Sample

220520-g1h4fadfe5
MD5

c66f748e72e6070e0e7a99f1e9b3e29c
SHA1

5f1342f7d84032945cb2cfc0935e2c0a1229d3e8
SHA256

6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857
SHA512

153ccaf14b33c62be399db5e05463914b7361ed077f80c821d348639f11c6fa228aa31dda6e7ed9064c63f23715bb28190f92dc838de3a969cf5f9a03b3ab10e

Score

10^/10

lampion banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857.vbs

Resource

win7-20220414-en

lampion banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857.vbs

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857
- Size
  
  24KB
- MD5
  
  c66f748e72e6070e0e7a99f1e9b3e29c
- SHA1
  
  5f1342f7d84032945cb2cfc0935e2c0a1229d3e8
- SHA256
  
  6be47a0e90c156e136a72dd94af8d0217fb4152c0dc6171702ceaa306d62e857
- SHA512
  
  153ccaf14b33c62be399db5e05463914b7361ed077f80c821d348639f11c6fa228aa31dda6e7ed9064c63f23715bb28190f92dc838de3a969cf5f9a03b3ab10e
Score

10^/10

lampion banker trojan
- Lampion
  Lampion is a banking trojan, targeting Portuguese speaking countries.
  trojan banker lampion
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lampionbankertrojan

behavioral2

© 2018-2024

Terms | Privacy