Analysis
max time kernel: 120s
max time network: 133s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 07-04-2024 19:33
Behavioral task: behavioral1
Sample: Luna Grabber Builder.exe
Resource: win7-20240221-en
General
Target: Luna Grabber Builder.exe
Size: 18.9MB
MD5: b68a3093e0f77802255c0c21ab540b7b
SHA1: 762d66d54be02964d5e8ab4dc2695d66fe484c6a
SHA256: 66954378817928c48d4296a2b7bb60e7a899a5a18529b43cf35a64196e3ed754
SHA512: 4ff87677faf9903c86d9cbfc73e5972b88a922682797e358c83b916aa5681b0063e2c748076c1b3f6f9b99e169da4c0fd8cefc3e3c7b2c6203edba647a953a4c
SSDEEP: 393216:3xAlniYXPu8BRq/m3pznlPSF3VqevE8LzdChd1lr:OliYXP5qKznlEqescsl
Malware Config
Signatures
- Loads dropped DLL (1 IoC)
  Processes:
    pid 1720  process: Luna Grabber Builder.exe
  Resources:
    resource: C:\Users\Admin\AppData\Local\Temp\_MEI21442\python311.dll  yara_rule: upx
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes:
    description: PID 2144 wrote to memory of 1720  pid: 2144  process: Luna Grabber Builder.exe  target process: Luna Grabber Builder.exe
    description: PID 2144 wrote to memory of 1720  pid: 2144  process: Luna Grabber Builder.exe  target process: Luna Grabber Builder.exe
    description: PID 2144 wrote to memory of 1720  pid: 2144  process: Luna Grabber Builder.exe  target process: Luna Grabber Builder.exe
Processes
C:\Users\Admin\AppData\Local\Temp\Luna Grabber Builder.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\Luna Grabber Builder.exe"
  PID: 2144
  - Suspicious use of WriteProcessMemory
  C:\Users\Admin\AppData\Local\Temp\Luna Grabber Builder.exe (child of PID 2144)
    Command line: "C:\Users\Admin\AppData\Local\Temp\Luna Grabber Builder.exe"
    PID: 1720
    - Loads dropped DLL
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 1.6MB
MD5: 53b1a9474ddc3a31adf72011dc8da780
SHA1: 36f476d318acca6a12d3625b02cb14ab19534db7
SHA256: 357e545f47b605682328566a8df692dc22e4ea2ab37686788c3416b3813addc7
SHA512: 290c070eaf324476bfda676fc547ee42479a239b11192b654604862d53de1f1752a2f1b212dc15b3a22787a6469d6ec22ced98b7bb7d5f7c618602bbd12b7881