Overview

overview

10

Static

static

1

My Logo.txt

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    My Logo.txt

  • Size

    396B

  • Sample

    231214-vwtk9sfddk

  • MD5

    3b314c9a5197892cce631c43979142db

  • SHA1

    25a704a6a5e13dd08dab3b715314d0b3e176d770

  • SHA256

    686055eb8d7ff01db297adb4dbf58c7ec6778206204f7940cf07cf9f47f1dbb8

  • SHA512

    6e95b42a3e49727a92f9f1d7d2b248d1120457aec148b2dec2d1f3e9fb2f8f207815f7d7ae43866f789854a565f83d915a4f49e5a855c42bb20e86359770333f

Score
10/10
lucastealerspywarestealerupx

Malware Config

Targets

    • Target

      My Logo.txt

    • Size

      396B

    • MD5

      3b314c9a5197892cce631c43979142db

    • SHA1

      25a704a6a5e13dd08dab3b715314d0b3e176d770

    • SHA256

      686055eb8d7ff01db297adb4dbf58c7ec6778206204f7940cf07cf9f47f1dbb8

    • SHA512

      6e95b42a3e49727a92f9f1d7d2b248d1120457aec148b2dec2d1f3e9fb2f8f207815f7d7ae43866f789854a565f83d915a4f49e5a855c42bb20e86359770333f

    Score
    10/10
    lucastealerspywarestealerupx

    • Luca Stealer

      Info stealer written in Rust first seen in July 2022.

      stealerlucastealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks