Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
07/06/2024, 05:57 UTC
General
-
Target
Luna-Grabber-main/options/Browsers.py
-
Size
6KB
-
MD5
91848f3d8e6ac6ccf90b83cfb87322cd
-
SHA1
62632262210b6d13ebeefc36fdce92b011387868
-
SHA256
1a9de3ad311b70cf37c3b6f1b9e77faaa38ca8b2e9e33046f824af2a20be1184
-
SHA512
7b6d4db865e2383a6e27942302a4634018ffd933d9ba9d82c00b17ceec8ea3f68fcac0fbe756b2b00a00cbd4140385ef3b0f0734e18cd158feb4cf28b9aaaa5d
-
SSDEEP
192:S8RI0pRHIG+abKcphGE3+OK1w81A7ln42:NRI0pRHIG+abKcph0w81A7K2
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 9 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\options\Browsers.py"3⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD537c6ef18b30feba22af74508151017c0
SHA11a82e9785f4fa5f98812fa98cceaafaa68644fa2
SHA256ad8a4880656fd06c2ee999d06a3781e844d81fc46c70d8419bb5bb1b6d60fa51
SHA51210c0e7931dd8a324b1c16edcca85a4c5eef2130d73cbb39c455cf226d47bcf679863a3335b1998da2bc72bdcecad8943a2d38582326ca2a1fb527928eeabce38