General
-
Target
3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130
-
Size
222KB
-
Sample
221001-3kcsdadcgm
-
MD5
6a3bdf1d8367c7a0f89a57b5a5e59c50
-
SHA1
4c78f1c1ebecc5877fb60cebc99c26c04284c226
-
SHA256
3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130
-
SHA512
cd27703b64a41630c4b4189c4730a87c5ac4ba6fc79d55610dc77024c62986f7579770594bbfbbb4ac715fada73768c50de59348f3b7da41a418955b10a819c2
-
SSDEEP
3072:8U4f+fkjZt7fF0L2vMCDiu0Y8RxwLRMcR9aBeWvfxLWDwHeWJ2NJucbPvJ1nlYZC:81i+f3uBmLbR9JWJWmJYJuEvPr
Static task
static1
Behavioral task
behavioral1
Sample
3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Score
10/10
-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-