lucastealer | 8acf346f8e6cc412c42bcf827a01fc8b22ce643aa8088f025e2320c43c145f28 | Triage

Submit
Reports

Overview

overview

Static

static

e7e1825173...da.exe

windows7-x64

e7e1825173...da.exe

windows10-2004-x64

Sharing

General

Target

e7e1825173152caddc73e659c39b956f666f4348e7163be34fc9b3eb14ffdbda.zip
Size

1.8MB
Sample

230316-vfrrqsec2w
MD5

56ef247248ffc596ee7ca4904971c274
SHA1

b90ac6f4fc3099a3891a3fc8d7480351767c424a
SHA256

8acf346f8e6cc412c42bcf827a01fc8b22ce643aa8088f025e2320c43c145f28
SHA512

67fbda9739a8f51e3c06dd7401a31a0c53f991cc7ffd1ae4a0675855d4ebe0fc180b991dfec777aa0bd76e8f2da0565ab77584522d1a81520e37fe678903c6fb
SSDEEP

49152:Tqx+oqhahGZtB6slRk7hl173N3JnmIBoJvalNXIpQ:S+oqhaqtB6KqlBp9mioJAC2

Score

10^/10

lucastealer spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e7e1825173152caddc73e659c39b956f666f4348e7163be34fc9b3eb14ffdbda.exe

Resource

win7-20230220-en

lucastealer spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e7e1825173152caddc73e659c39b956f666f4348e7163be34fc9b3eb14ffdbda.exe

Resource

win10v2004-20230220-en

lucastealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e7e1825173152caddc73e659c39b956f666f4348e7163be34fc9b3eb14ffdbda
- Size
  
  3.6MB
- MD5
  
  6ea2e54163f59cc8a7b73e38cce87071
- SHA1
  
  6a92ebd7713ce02161da0fced34581c0d3921ab4
- SHA256
  
  e7e1825173152caddc73e659c39b956f666f4348e7163be34fc9b3eb14ffdbda
- SHA512
  
  639482bdd1b21f3b1ea42dd6d53e5552af1d5a4bd94e5b110e4cb0b5fcab8675b04ed1ed00dac4f6a0f4295e2396cd3976031c6adb4d9b5e075d5bae253d0846
- SSDEEP
  
  49152:NTOx9LzpCkE4m85goOiG73wv6R8fKHIOC5ATFru2+Jm+4s2AfBJk/xoIHZqgKMHg:dFGAjpo12bZKMuk
Score

10^/10

lucastealer spyware stealer
- Luca Stealer
  Info stealer written in Rust first seen in July 2022.
  stealer lucastealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lucastealerspywarestealer

behavioral2

lucastealerspywarestealer

© 2018-2024

Terms | Privacy