General

Target: Lumine X [TEST].exe
Size: 23.2MB
Sample: 240621-cbhddsvhjb
MD5: 6a71ffb816ae78b4037fa9fca8c33766
SHA1: f9ec324f437cbd7b5d4ee4bd36db5cc94f0180f1
SHA256: 1c0d13f9a5d52b1a2918f38560d380474e2a1ef557f6efc17b5fc8f9dd869a33
SHA512: 70d2e973c3c15e24d45e4600ffd3eed8e24fad68480e9e162d14ab3abb18ff796c79d283cb96cce8f1a1c50e3eb3f7e9804fe7f6548f6700cb5182181b0b5693
SSDEEP: 393216:Bo9DM45UUptSJurEUWjQ8PvIxjbTMg8YnjjgZewKv6bWH9SFjrK+:W9N6+YdbQKvIxM6jUZewKvZ9SFjrK+
Behavioral tasks

behavioral1
  Sample: Lumine X [TEST].exe
  Resource: win7-20240419-en

behavioral2
  Sample: Lumine X [TEST].exe
  Resource: win10v2004-20240508-en

behavioral3
  Sample: Lumine x.pyc
  Resource: win7-20240611-en

behavioral4
  Sample: Lumine x.pyc
  Resource: win10v2004-20240611-en
Malware Config

Targets

Target: Lumine X [TEST].exe
Size: 23.2MB
MD5: 6a71ffb816ae78b4037fa9fca8c33766
SHA1: f9ec324f437cbd7b5d4ee4bd36db5cc94f0180f1
SHA256: 1c0d13f9a5d52b1a2918f38560d380474e2a1ef557f6efc17b5fc8f9dd869a33
SHA512: 70d2e973c3c15e24d45e4600ffd3eed8e24fad68480e9e162d14ab3abb18ff796c79d283cb96cce8f1a1c50e3eb3f7e9804fe7f6548f6700cb5182181b0b5693
SSDEEP: 393216:Bo9DM45UUptSJurEUWjQ8PvIxjbTMg8YnjjgZewKv6bWH9SFjrK+:W9N6+YdbQKvIxM6jUZewKvZ9SFjrK+

Signatures:
  Command and Scripting Interpreter: PowerShell
    Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
  Drops startup file
  Loads dropped DLL
  Legitimate hosting services abused for malware hosting/C2
  Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.

Target: Lumine x.pyc
Size: 67KB
MD5: 5734f1d9625c0e4a582eb761ae94f63e
SHA1: 419b708a78c4355432fae9d35fd3a5f86325aa1d
SHA256: 541817e5a8c4c962083e449edebd22d6919bce7539c8db7ca3e67476d006c58b
SHA512: d48e92b375ee85211749f86c119429aa259312988424523fe65beb78025d5a65c82563d8a2c1b6f7ac4b174abacf827f3b68d37c9b1bad84d6504d220ec1efb8
SSDEEP: 768:u2lfPySSEcm2M26Khssz6or+01N0gd4q30hE2LXTxlwvOLYsfPGMmgt0AnjEUnrf:u2PSEh0e6LBE/xcGPGMmgtF4qrcC

Score: 3/10