General

  • Target

    06ebf59f231e2a63fedf10b2e2ee3e367bf913a65062eaeec46dd2cdd294b38b

  • Size

    577KB

  • Sample

    221126-13q2lsce3y

  • MD5

    72166df5654821060163883236185475

  • SHA1

    5c5dcafc6fe414a3e4148afd43bc2e0f09147e0a

  • SHA256

    06ebf59f231e2a63fedf10b2e2ee3e367bf913a65062eaeec46dd2cdd294b38b

  • SHA512

    50bac38ff70b625e4a8d3c7946e494f148a2bb94915b4d7fb377725cc9adf562c0a8f9f1a6f26c0122c9c5020e776e70a292ef4bf47ec100eac3325d67705e06

  • SSDEEP

    12288:Y+vFS0CRTjP3MfUkxJNzC+u7+QqHth90aMHGeVi0j:YGFSrTjPMvvm+t994Ha

Targets

    • Luminosity

      Luminosity is a RAT family that was offered for sale while being marketed as a system administration utility.

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
