poullight | 87eb0ce5d7bb6cec573eea2b2a1fc70d89c346898ea9a7ab526fc7452654bb68 | Triage

Sharing

General

Target

437ad402765ba53d5d6880017bb8bb6c
Size

5.4MB
Sample

240105-ms2tgaahh2
MD5

437ad402765ba53d5d6880017bb8bb6c
SHA1

fc2bf7bdb6658c587e5e7e46c50fa2a87ed513ce
SHA256

87eb0ce5d7bb6cec573eea2b2a1fc70d89c346898ea9a7ab526fc7452654bb68
SHA512

03cf9158c92b75689a3039da90e50ab434d67ece662b65b1bdcf6598237423daec4d6c7721217338459ef9523691269220026224f10d8f6ffae1f5caffe739da
SSDEEP

98304:UwojYc9Co4KVfY+GBHEtlyl01wKookyOvcE8Rh4MP0GYn0tsiC5+fmq3HwD9PUKe:b0Yy4OfY+Gf01o3vcEQhlXe0tC5+WxPC

Score

10^/10

poullight stealer trojan

Malware Config

Targets

- Target
  
  Loader/Loader.exe
- Size
  
  3.1MB
- MD5
  
  101e969cb9e549d113836856f526d4b5
- SHA1
  
  9361431a7d69e92e20f163f10fc5a3b40c27bd0a
- SHA256
  
  8cf069c7b965893d12c9df25b24a60594693a158b8209d21f5d7213fc5ed41eb
- SHA512
  
  01f858a4c9b329f8696880fbff6b886cfae6e793afb448f79734cb7ea149baeaa3deaeec0bf62a34bfed5f634331ac4d6be7fee971588cba8921d7c41761ba00
- SSDEEP
  
  49152:XpFctP0vfTi05cfHQDVaztRT5hvEy87QS6J:XpFWPOCQQd2QSm
Score

10^/10

poullight stealer trojan
- Poullight
  Poullight is an information stealer first seen in March 2020.
  trojan stealer poullight
- Poullight Stealer payload
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Loader/etc/luIelD.dll
- Size
  
  2.9MB
- MD5
  
  4752c15e18992f946e5d22ac017afe65
- SHA1
  
  783110dbfc5598a773265ee925df6f2814e89ce4
- SHA256
  
  215931f9665cc1e3d195579c26269fd91075a81937e539e95aeb3a36d401ba8d
- SHA512
  
  3d2d4e9b46ad2570536b1281f385d877f03f2fc7aff34d6fb206d7eefa8a9e629b81cfc48fe949420040253eed8a7d8cb1458f714ecf1f6159368969316811c6
- SSDEEP
  
  49152:P+4TMh932FULUE/xuMWaPFkpI7D0C2LyEi:PHMhYFUJ/vUGwO
Score

1^/10
behavioral3 behavioral4
- Target
  
  Loader/php5ts.dll
- Size
  
  6.5MB
- MD5
  
  c9aff68f6673fae7580527e8c76805b6
- SHA1
  
  bb62cc1db82cfe07a8c08a36446569dfc9c76d10
- SHA256
  
  9b2c8b8c4cec301c4303f58ca4e8b261d516f10feb24573b092dfccc263baea4
- SHA512
  
  c7836f46e535046562046fdd8d3264cd712a78c0f41eab152c88ea91b17d34f000e2387ded7e9e7b3410332354aabf8ca7d37729eb68e46ab5ce58936e63ac56
- SSDEEP
  
  98304:NIj1qYT5UnbVloeFVRFHFq0N8WaumOQp0BAUZLtYX:KEPLPFHFZNKumOQp0VRE
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

poullightstealertrojan

behavioral2

poullightstealertrojan

behavioral3

behavioral4

behavioral5

behavioral6