General

  • Target

    3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130

  • Size

    222KB

  • Sample

    221001-3kcsdadcgm

  • MD5

    6a3bdf1d8367c7a0f89a57b5a5e59c50

  • SHA1

    4c78f1c1ebecc5877fb60cebc99c26c04284c226

  • SHA256

    3c25d30d67337013406e7155b35ee19fb646af4e46e437e940aae8c08d8ca130

  • SHA512

    cd27703b64a41630c4b4189c4730a87c5ac4ba6fc79d55610dc77024c62986f7579770594bbfbbb4ac715fada73768c50de59348f3b7da41a418955b10a819c2

  • SSDEEP

    3072:8U4f+fkjZt7fF0L2vMCDiu0Y8RxwLRMcR9aBeWvfxLWDwHeWJ2NJucbPvJ1nlYZC:81i+f3uBmLbR9JWJWmJYJuEvPr

Targets

    • Luminosity

      Luminosity is a RAT family that was sold commercially while claiming to be a system administration utility.

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
