lucastealer | 686055eb8d7ff01db297adb4dbf58c7ec6778206204f7940cf07cf9f47f1dbb8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

My Logo.txt

windows10-2004-x64

Sharing

General

Target

My Logo.txt
Size

396B
Sample

231214-vwtk9sfddk
MD5

3b314c9a5197892cce631c43979142db
SHA1

25a704a6a5e13dd08dab3b715314d0b3e176d770
SHA256

686055eb8d7ff01db297adb4dbf58c7ec6778206204f7940cf07cf9f47f1dbb8
SHA512

6e95b42a3e49727a92f9f1d7d2b248d1120457aec148b2dec2d1f3e9fb2f8f207815f7d7ae43866f789854a565f83d915a4f49e5a855c42bb20e86359770333f

Score

10^/10

lucastealer spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

My Logo.txt

Resource

win10v2004-20231127-en

lucastealer spyware stealer upx

windows10-2004-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  My Logo.txt
- Size
  
  396B
- MD5
  
  3b314c9a5197892cce631c43979142db
- SHA1
  
  25a704a6a5e13dd08dab3b715314d0b3e176d770
- SHA256
  
  686055eb8d7ff01db297adb4dbf58c7ec6778206204f7940cf07cf9f47f1dbb8
- SHA512
  
  6e95b42a3e49727a92f9f1d7d2b248d1120457aec148b2dec2d1f3e9fb2f8f207815f7d7ae43866f789854a565f83d915a4f49e5a855c42bb20e86359770333f
Score

10^/10

lucastealer spyware stealer upx
- Luca Stealer
  Info stealer written in Rust first seen in July 2022.
  stealer lucastealer
- Downloads MZ/PE file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

lucastealerspywarestealerupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.