bcfe332844e3a2e51645b120aa90fd741ef78378bba562e86135642ec26e9a58 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Luna-Grabber

windows10-2004-x64

8

Sharing

General

Target

Luna-Grabber
Size

339KB
Sample

240528-vvfysada2x
MD5

8adb4f5b01757280c4da185751237a07
SHA1

77aaec4206d8ac99d74d80eaa540e5fcddb080b5
SHA256

bcfe332844e3a2e51645b120aa90fd741ef78378bba562e86135642ec26e9a58
SHA512

78692c18ad339fc04532dcafbbcff94c0c382ed7d0fc7d2509957e561be05e69dc37376eca01b7bc2635dbac9b14f633cc9700a4248210fea39be8a4e90bd9a3
SSDEEP

6144:E0oGO2n9ddKM2vkm0aWyRv3j9WvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vi0Z23u:BoGO2n9ddKM2vkm0aWyRv3j9WvZJT3CV

Score

8^/10

discovery persistence pyinstaller upx

Static task

static1

Behavioral task

behavioral1

Sample

Luna-Grabber

Resource

win10v2004-20240508-en

discovery persistence pyinstaller upx

windows10-2004-x64

24 signatures

600 seconds

Malware Config

Targets

- Target
  
  Luna-Grabber
- Size
  
  339KB
- MD5
  
  8adb4f5b01757280c4da185751237a07
- SHA1
  
  77aaec4206d8ac99d74d80eaa540e5fcddb080b5
- SHA256
  
  bcfe332844e3a2e51645b120aa90fd741ef78378bba562e86135642ec26e9a58
- SHA512
  
  78692c18ad339fc04532dcafbbcff94c0c382ed7d0fc7d2509957e561be05e69dc37376eca01b7bc2635dbac9b14f633cc9700a4248210fea39be8a4e90bd9a3
- SSDEEP
  
  6144:E0oGO2n9ddKM2vkm0aWyRv3j9WvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vi0Z23u:BoGO2n9ddKM2vkm0aWyRv3j9WvZJT3CV
Score

8^/10

discovery persistence pyinstaller upx
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistencepyinstallerupx

© 2018-2024

Terms | Privacy