General
-
Target
c4c2fe92cb601c0cc6ac87b5541d7c1a462801942475351c4dfda26296faefa6
-
Size
420KB
-
Sample
221126-12mykacd5w
-
MD5
082511600ec66244ec7ffe1a57c6f6ea
-
SHA1
f7a942011e8969fde4e196f496b497a5694e747f
-
SHA256
c4c2fe92cb601c0cc6ac87b5541d7c1a462801942475351c4dfda26296faefa6
-
SHA512
3d8dbb120d10243af503f0d24ea225b281919046db21ac0f6cd980480d8e4e41ac5a53a1904011ac9161893c1cf550cdbf1cd7b9dca2c7e605475da84e839ea0
-
SSDEEP
12288:NWmWT0MI9WCedrA70Hd6lHnBhqITb3bDTt0BiOLzu3WT:MmWTE9WCSrGdtBtTbOBQ3
Malware Config
Targets
-
-
Target
c4c2fe92cb601c0cc6ac87b5541d7c1a462801942475351c4dfda26296faefa6
-
Size
420KB
-
MD5
082511600ec66244ec7ffe1a57c6f6ea
-
SHA1
f7a942011e8969fde4e196f496b497a5694e747f
-
SHA256
c4c2fe92cb601c0cc6ac87b5541d7c1a462801942475351c4dfda26296faefa6
-
SHA512
3d8dbb120d10243af503f0d24ea225b281919046db21ac0f6cd980480d8e4e41ac5a53a1904011ac9161893c1cf550cdbf1cd7b9dca2c7e605475da84e839ea0
-
SSDEEP
12288:NWmWT0MI9WCedrA70Hd6lHnBhqITb3bDTt0BiOLzu3WT:MmWTE9WCSrGdtBtTbOBQ3
Score10/10-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-