General
-
Target
48e0d8ec788c1ded6e3b5aa3c794bf78964d4f88e37fe413cc31ee0b3fa2a70b
-
Size
365KB
-
Sample
221127-crjamace68
-
MD5
3cabbb2c59f3342738849df67f6fda83
-
SHA1
63106d091a7bb4242fe82bbc062f22639bf915ef
-
SHA256
48e0d8ec788c1ded6e3b5aa3c794bf78964d4f88e37fe413cc31ee0b3fa2a70b
-
SHA512
b75defb8a04a00455d55b3d0d90a6bfac797d3f47e9b1ce816f9c6becdd941a35b68fbfc04b337fe3750083bf9e0f9a1bb8488b15ccfc3e624de76ac79f0e711
-
SSDEEP
6144:WXV+JnRQtCJmM+mKwYpzyAtmLbR9JWJWdlU3hJ272Ja2P4337MqjrEVGPjk7ngIk:eAROuRvEvla2P4brEyjk7ngYsP
Malware Config
Targets
-
-
Target
48e0d8ec788c1ded6e3b5aa3c794bf78964d4f88e37fe413cc31ee0b3fa2a70b
-
Size
365KB
-
MD5
3cabbb2c59f3342738849df67f6fda83
-
SHA1
63106d091a7bb4242fe82bbc062f22639bf915ef
-
SHA256
48e0d8ec788c1ded6e3b5aa3c794bf78964d4f88e37fe413cc31ee0b3fa2a70b
-
SHA512
b75defb8a04a00455d55b3d0d90a6bfac797d3f47e9b1ce816f9c6becdd941a35b68fbfc04b337fe3750083bf9e0f9a1bb8488b15ccfc3e624de76ac79f0e711
-
SSDEEP
6144:WXV+JnRQtCJmM+mKwYpzyAtmLbR9JWJWdlU3hJ272Ja2P4337MqjrEVGPjk7ngIk:eAROuRvEvla2P4brEyjk7ngYsP
Score10/10-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-