General

  • Target

    5ef6194fb3933d672ef6eabfe3d5dcac757ad90cb60b843f6b1d51b869e1c67e

  • Size

    631KB

  • Sample

    220731-xcgtgabfd4

  • MD5

    760c7ab3a4fef37d342cae926c2a035f

  • SHA1

    a60e42682cf18b4a40446657c36c21a650b39d8e

  • SHA256

    5ef6194fb3933d672ef6eabfe3d5dcac757ad90cb60b843f6b1d51b869e1c67e

  • SHA512

    4e3def883030f7e41db6df960d0f2f7d65e4cacf8668fef95cb1eececcffe1a355665ff4961fc75df4eacd8e0472310790c35d0e7b75d2a1ea406fd0f9757f31

Score
10/10

Targets

    • Luminosity

      Luminosity is a RAT family that was sold commercially while being marketed as a system administration utility.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
