General

  • Target

    47d5797ef03933dea5dae24061dfefb0209890bb32852deb303a585c8bb23d00

  • Size

    476KB

  • Sample

    221029-bvb52sfbb4

  • MD5

    f336990aa9a506bea6ea273f5653638e

  • SHA1

    3d3d15712d242c2cf3ccce328cd54188d00ee81c

  • SHA256

    47d5797ef03933dea5dae24061dfefb0209890bb32852deb303a585c8bb23d00

  • SHA512

    a4338a7b2ea44d66e2eb0949a808964b0ceb1c1306e6e7ff8bc35b7de6a4030216b81033c4f8c6268b2e3676bb0e92f501729452ac9fa71a7781b0cd7b2cb005

  • SSDEEP

    6144:yAKXPCNarAF3uy2N+lyp8BgspPkX62THjPiUhbI0BJ0qse9Z2709:PK9rAF3L2N+lK8pkX9/iUhbdFd

Targets

    • Luminosity

      Luminosity is a RAT family that was offered for sale while claiming to be a system administration utility.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
