General

  • Target

    Luna_Client.py

  • Size

    6KB

  • Sample

    240601-z1xkyafh24

  • MD5

    519183a3379e55835b5802f37210e884

  • SHA1

    2f785591a6e4db2adc569398d90ac2e6e9cf4329

  • SHA256

    4050fbc2b8d067d396857fb4b09cfd677e17b960ee525b8b62c417d446d7116e

  • SHA512

    93d965b7058fd1b84db9ab6d764c111f7752ee32c1ad02c55fcc90ee11c7c3fb71ff1a476e91c3cf80d030899372a2b91e7e47b88f9616f7c0af49196e5f863c

  • SSDEEP

    96:Hq3uv95ju6M9gYH/RXiyBMTapjaeGxLKpD9nbO0PL+KqZApNSXu3T:Bid/5iXTGj49UnbRT+KqZAHSe3T

Score
8/10

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
