General
Target: virus.zip
Size: 16.0MB
Sample: 240423-zbbxyabf58
MD5: 1c9c996bfdbbd415ca2aff166ff48729
SHA1: 4d1ff76686b1fb53522b470023ae0e182b7b20fe
SHA256: 12fc424a6c322359e58218aba9d2c821a2ef17e02a45c44fc5c57bdf88e6b9e8
SHA512: e05574ee571183ca994327d0e1c2f7cb298e49e2b5351f763818f358c2a3276bd55b090c1ec4dee3a6b57324c8265148dd2fe4d7eda316c464f64db0e0ab9b6f
SSDEEP: 393216:vmTMO1sRdMT097LU6YDws6hqJ1Usk/wkvoSQ4F:OTlIMTwPZE1UzvHQ4F
Behavioral task behavioral1: Sample virus.zip, Resource win7-20240221-en
Behavioral task behavioral2: Sample virus.zip, Resource win10v2004-20240412-en
Behavioral task behavioral3: Sample virus/luna-grabber-builder.exe, Resource win7-20240220-en
Behavioral task behavioral4: Sample virus/luna-grabber-builder.exe, Resource win10v2004-20240412-en
Behavioral task behavioral5: Sample luna-grabber-builder.pyc, Resource win7-20240221-en
Behavioral task behavioral6: Sample luna-grabber-builder.pyc, Resource win10v2004-20240412-en
Malware Config
Targets
Target: virus.zip
Score: 1/10
Target: virus/luna-grabber-builder.exe
Size: 16.1MB
MD5: c10889acd0429b59267bf7886047cb53
SHA1: 7de695b5ec21344068913c2d9c6a94b6b9ace14e
SHA256: b549380956b6ad927687462f09495c81b1f11e86e588d61ec4de26e66ac6d6bb
SHA512: 20e4914a566860e06c7365984f4c31ffd597563a7842c5554b4c6a997d386f471fd8aaea9e981203e9554b41d9957b34a6bb2a158711d6b59f24145ac2bd40af
SSDEEP: 393216:bv90+5gDkTh2Jp5MwurEUWjsrz7E5PKk9buK+x:T9PvThidb8z7bkEK+
- Drops startup file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Target: luna-grabber-builder.pyc
Size: 45KB
MD5: bbd63abf1ff2ae56ad0acf0fb3160baa
SHA1: b1f5cf9741ce9a626d7688ce332364743ff52264
SHA256: d9f8be4e75563672e2924db68492329726f343d526bd3790bd7cf6fdc061de9c
SHA512: 16e8bd74e0eb4570ad31efd856c2f4b2d32d52384db5f049272db095b415496e776bc4e6eb36167df470a9e658815d69578da096be0147314f8e3ff6491fedca
SSDEEP: 768:n9JWa9CqcKoMENNHkJ82F3kTVNVNCAMQo3UA0HnAgd7dSFtHtKu9ETdDlhLx3p9:n9JWa9CvKo7NNHkJLtkTH79MQoknHnAU
Score: 6/10
- Legitimate hosting services abused for malware hosting/C2