General

  • Target

    c1e3a631270b1ed51d96082a2de11c61c7a3910f48334e4e12b8b4e916cdd593

  • Size

    275KB

  • Sample

    221126-13zzhsce5s

  • MD5

    7ab36258b2737c9c524ef86e4dac3fc1

  • SHA1

    06d53f520f2bfa22d67b72c50f25a09d3e6f1c13

  • SHA256

    c1e3a631270b1ed51d96082a2de11c61c7a3910f48334e4e12b8b4e916cdd593

  • SHA512

    9ababe89f7ea2a61545d04c3166bf095e09067e679361bbe2c244e0df19b1c9badbbd2069c095beea0bf10601a4c3b41ca89329a7eea06b855e199de4a122dad

  • SSDEEP

    6144:fCCDSlq4ubyCk/shcc4TmF41NKOU9d7Z3+Gsk4h1151Lzk:aCsq4OUc9D7+im1jX

Malware Config

Targets

    • Target

      c1e3a631270b1ed51d96082a2de11c61c7a3910f48334e4e12b8b4e916cdd593

    • Luminosity

      Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks