Overview

overview

10

Static

static

SecuriteIn...57.exe

windows7-x64

10

SecuriteIn...57.exe

windows10-2004-x64

8

Resubmissions

01-12-2022 16:35

221201-t345xagb67 10

23-11-2022 19:33

221123-x9kavshd23 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Heuristic.HEUR.AGEN.1253469.14711.357.exe

  • Size

    17.6MB

  • Sample

    221123-x9kavshd23

  • MD5

    8c2a390aa7833720b374a720a6d06e4d

  • SHA1

    188ec1a33bfd028333bcc3f6e96d2dbbdf01367f

  • SHA256

    eedeb7539b2f680304e81c08f27372bc5459b8e406872f8ea939065e466f0774

  • SHA512

    ac9bac95c37944ef7bb053126d5e5ba67c74562434b7bd4cb6f4c54e1d1cef8204990d670920f48af1cf26fb59ac422c0ccfe0075940cfe9c45e995897b86a07

  • SSDEEP

    98304:BMSVESq5M3ClAD3sXHLQTyaQRO+YwWcRImg0cHQwb4CsB/wpDm7qCOPXwRalZLCt:2SSSP7sNavN7mg0mlb3DDdDP0

Score
10/10
lucastealerspywarestealer

Malware Config

Targets

    • Target

      SecuriteInfo.com.Heuristic.HEUR.AGEN.1253469.14711.357.exe

    • Size

      17.6MB

    • MD5

      8c2a390aa7833720b374a720a6d06e4d

    • SHA1

      188ec1a33bfd028333bcc3f6e96d2dbbdf01367f

    • SHA256

      eedeb7539b2f680304e81c08f27372bc5459b8e406872f8ea939065e466f0774

    • SHA512

      ac9bac95c37944ef7bb053126d5e5ba67c74562434b7bd4cb6f4c54e1d1cef8204990d670920f48af1cf26fb59ac422c0ccfe0075940cfe9c45e995897b86a07

    • SSDEEP

      98304:BMSVESq5M3ClAD3sXHLQTyaQRO+YwWcRImg0cHQwb4CsB/wpDm7qCOPXwRalZLCt:2SSSP7sNavN7mg0mlb3DDdDP0

    Score
    10/10
    lucastealerspywarestealer

    • Luca Stealer

      Info stealer written in Rust first seen in July 2022.

      stealerlucastealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks