General
-
Target
6af87a9e7baeb38bc0aee84fb505a53f_JaffaCakes118
-
Size
1.0MB
-
Sample
240523-pv1qasab9s
-
MD5
6af87a9e7baeb38bc0aee84fb505a53f
-
SHA1
afe6ee7d43cbc89bdf416fbd96d43ac0883d6f6a
-
SHA256
e3cab08c80b5ca08d9b65e2fbde171b5c386f45b95b0863e7ec019eca07a43aa
-
SHA512
27cde2c1b1150d0c7294bc7aa1eba1ed6e32e8341bda162f050a2cfbfe84040d9587399c7d31c41fa38ee0d076610d6cad6d77f7dbbf6adf2eb0c47a99ac5a60
-
SSDEEP
12288:4P4wN/lTUyEs2t4/3VwcBXDxFFpZwCCUOkr77s7Cgrd+OJTK/f70WdqKxPvz7Cs/:W/a4fjdDHZp77QrIITKfguz7Csblia
Static task
static1
Behavioral task
behavioral1
Sample
6af87a9e7baeb38bc0aee84fb505a53f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6af87a9e7baeb38bc0aee84fb505a53f_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
6af87a9e7baeb38bc0aee84fb505a53f_JaffaCakes118
-
Score
10/10
-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1