General
-
Target
7429ab3cf6e571cd46858f3622871df6_JaffaCakes118
-
Size
2.2MB
-
Sample
240526-drczaach21
-
MD5
7429ab3cf6e571cd46858f3622871df6
-
SHA1
438c2eb39f7197633bb68a600aaae28b030bd3af
-
SHA256
38f65385a0767c22fb3fb3c181ad1dcd576dd9f623ef6aa3df6c01e2b50d5c61
-
SHA512
2b99ec08e81268641a9f29c8fbbbb0cd676f7827dca41a50e57102c049a6be01869c644fad9767a61b25c6e074c831ecf147e3904b0a91ee6fcbf2130078354d
-
SSDEEP
49152:SsCLhKGH34Djiys9l7E2eE/XsCLhKGH34Djiys9l7E2eE/z:8rH34viyMd7R/hrH34viyMd7R/z
Malware Config
Targets
-
-
Target
e-catalog.pdf.scr
-
Size
1.2MB
-
MD5
3f379c45cf293566709f473ea1f38125
-
SHA1
825af50daf0146a5f16aa6e3f59fa5320def4735
-
SHA256
94b795d57617222666cc16d4c9928841d781ba8d2406a188314e51a48f5d10da
-
SHA512
7a124fe558e4d8d1aed01be8d5d9720e7fc07d2f4a7215392eb4e4883e2191820a2e45f36c922e49aa2989301f379f43361d11558b43f4b6d814140eb6e90add
-
SSDEEP
24576:s+o/NuOhnPXVW9+E7a64d968HFghHqnqXg6cU9KXLNJCR+0MNDjCO4pF:IlvnPlW9+En4d08lghHqqQqoGsDjCNF
Score10/10-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Adds Run key to start application
-
-
-
Target
e-cataloge.pdf.exe
-
Size
1.2MB
-
MD5
3f379c45cf293566709f473ea1f38125
-
SHA1
825af50daf0146a5f16aa6e3f59fa5320def4735
-
SHA256
94b795d57617222666cc16d4c9928841d781ba8d2406a188314e51a48f5d10da
-
SHA512
7a124fe558e4d8d1aed01be8d5d9720e7fc07d2f4a7215392eb4e4883e2191820a2e45f36c922e49aa2989301f379f43361d11558b43f4b6d814140eb6e90add
-
SSDEEP
24576:s+o/NuOhnPXVW9+E7a64d968HFghHqnqXg6cU9KXLNJCR+0MNDjCO4pF:IlvnPlW9+En4d08lghHqqQqoGsDjCNF
Score10/10-
Luminosity
Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1