General

  • Target

    fdbec49b64538bf251f75185538566d5ee27547e927d8e0161fba43542afdf38

  • Size

    137KB

  • Sample

    221126-tpqqcsfg64

  • MD5

    46f5fb806140c5da4c67328fb848cb7d

  • SHA1

    59b63fe6fbe0021359f6031d7385396b1a771a06

  • SHA256

    fdbec49b64538bf251f75185538566d5ee27547e927d8e0161fba43542afdf38

  • SHA512

    941cf87101fc3fd880e12cf50702c8ce756a5909a13ae3ad14ffba026f08aca065d7eb058659cd5b16fd09bd2c2f275d2138d68a3dbd71b1c1ff5272d6d5f12a

  • SSDEEP

    3072:BZQcPoOSj4Nohwz83RPXCyjHr0Aot4REQ7AvRjLNfxmm9on:0cPoOSjwz8hPXtjL0/H5bNI

Score
10/10

Targets

    • Luminosity

      Luminosity is a RAT family that was offered for sale while claiming to be a system administration utility.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
