Overview

overview

10

Static

static

10

lunacy cra...o2.zip

windows10-1703-x64

1

lunacy cra...o2.zip

windows10-2004-x64

1

lunacy cra...o2.zip

windows11-21h2-x64

Resubmissions

05/05/2024, 09:05

240505-k2pjdsdb7x 10

05/05/2024, 08:46

240505-kpcn3acg2t 10

05/05/2024, 08:36

240505-khv7tscd7z 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    lunacy crackeeddd @powergirlso2.zip

  • Size

    789.0MB

  • Sample

    240505-k2pjdsdb7x

  • MD5

    b0720aa977d1e0002e2260a546d39522

  • SHA1

    aff96a6a4d53777eebc10e12b3a90c8149f28905

  • SHA256

    276e3b0c29ed9dcead5ad20d1e2debd5d39e95c0e8e7c1d6cb185c8abe9402e1

  • SHA512

    d38e641e9ca658c379fa67abf5e5e040119e4cdc6cea80d48269aea94544589043774c9c3d398dfeb952a37940c74ce49ea075b98ea02653bcb0c67362284ee9

  • SSDEEP

    25165824:NG8xADy2aPt6/soSbs/gr55G2lOthFvs3OkQ:NXWa46bs/QjG2lOthBs3a

Score
10/10
privateloaderevasionpersistenceransomware

Malware Config

Targets

    • Target

      lunacy crackeeddd @powergirlso2.zip

    • Size

      789.0MB

    • MD5

      b0720aa977d1e0002e2260a546d39522

    • SHA1

      aff96a6a4d53777eebc10e12b3a90c8149f28905

    • SHA256

      276e3b0c29ed9dcead5ad20d1e2debd5d39e95c0e8e7c1d6cb185c8abe9402e1

    • SHA512

      d38e641e9ca658c379fa67abf5e5e040119e4cdc6cea80d48269aea94544589043774c9c3d398dfeb952a37940c74ce49ea075b98ea02653bcb0c67362284ee9

    • SSDEEP

      25165824:NG8xADy2aPt6/soSbs/gr55G2lOthFvs3OkQ:NXWa46bs/QjG2lOthBs3a

    Score
    9/10
    evasionpersistenceransomware

    • Renames multiple (53) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence
    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks