Overview

overview

10

Static

static

2fcc3b332c...e3.exe

windows7-x64

10

2fcc3b332c...e3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2fcc3b332c728c4d820b5c4e242ff60b75b79eb5dc48fb4ebfe484161b7908e3.bin

  • Size

    5.1MB

  • Sample

    220803-qe9hyabdd6

  • MD5

    2ebbff36fc0f41916d130d49552bf545

  • SHA1

    b2306e181530a4123392d200f1292eddb63e4488

  • SHA256

    2fcc3b332c728c4d820b5c4e242ff60b75b79eb5dc48fb4ebfe484161b7908e3

  • SHA512

    81fafcf34b210da7404f606bfeb81746724b1efeb62f9d08cf2d0df02bb575ca70370b9e027db57d3a18bd3cfa5ae9f101be1cc05d4551d72ac1916eefeca6cf

  • SSDEEP

    49152:UyNK+CTNrCx1e4SJ8sOMuXwwg+QqFbgQGsSHyU3Z2Xs+vxO2B2w9aeTC+0QEOuAa:9qT0xjpoRHyGodJ76lszwv

Score
10/10
lucastealerspywarestealer

Malware Config

Targets

    • Target

      2fcc3b332c728c4d820b5c4e242ff60b75b79eb5dc48fb4ebfe484161b7908e3.bin

    • Size

      5.1MB

    • MD5

      2ebbff36fc0f41916d130d49552bf545

    • SHA1

      b2306e181530a4123392d200f1292eddb63e4488

    • SHA256

      2fcc3b332c728c4d820b5c4e242ff60b75b79eb5dc48fb4ebfe484161b7908e3

    • SHA512

      81fafcf34b210da7404f606bfeb81746724b1efeb62f9d08cf2d0df02bb575ca70370b9e027db57d3a18bd3cfa5ae9f101be1cc05d4551d72ac1916eefeca6cf

    • SSDEEP

      49152:UyNK+CTNrCx1e4SJ8sOMuXwwg+QqFbgQGsSHyU3Z2Xs+vxO2B2w9aeTC+0QEOuAa:9qT0xjpoRHyGodJ76lszwv

    Score
    10/10
    lucastealerspywarestealer

    • Luca Stealer

      Info stealer written in Rust first seen in July 2022.

      stealerlucastealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks