Resubmissions

21-06-2024 01:55

240621-cb55fszbmk 7

21-06-2024 01:53

240621-cbhddsvhjb 8

General

  • Target

    Lumine X [TEST].exe

  • Size

    23.2MB

  • Sample

    240621-cbhddsvhjb

  • MD5

    6a71ffb816ae78b4037fa9fca8c33766

  • SHA1

    f9ec324f437cbd7b5d4ee4bd36db5cc94f0180f1

  • SHA256

    1c0d13f9a5d52b1a2918f38560d380474e2a1ef557f6efc17b5fc8f9dd869a33

  • SHA512

    70d2e973c3c15e24d45e4600ffd3eed8e24fad68480e9e162d14ab3abb18ff796c79d283cb96cce8f1a1c50e3eb3f7e9804fe7f6548f6700cb5182181b0b5693

  • SSDEEP

    393216:Bo9DM45UUptSJurEUWjQ8PvIxjbTMg8YnjjgZewKv6bWH9SFjrK+:W9N6+YdbQKvIxM6jUZewKvZ9SFjrK+

Malware Config

Targets

    • Target

      Lumine X [TEST].exe

    • Size

      23.2MB

    • MD5

      6a71ffb816ae78b4037fa9fca8c33766

    • SHA1

      f9ec324f437cbd7b5d4ee4bd36db5cc94f0180f1

    • SHA256

      1c0d13f9a5d52b1a2918f38560d380474e2a1ef557f6efc17b5fc8f9dd869a33

    • SHA512

      70d2e973c3c15e24d45e4600ffd3eed8e24fad68480e9e162d14ab3abb18ff796c79d283cb96cce8f1a1c50e3eb3f7e9804fe7f6548f6700cb5182181b0b5693

    • SSDEEP

      393216:Bo9DM45UUptSJurEUWjQ8PvIxjbTMg8YnjjgZewKv6bWH9SFjrK+:W9N6+YdbQKvIxM6jUZewKvZ9SFjrK+

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      Lumine x.pyc

    • Size

      67KB

    • MD5

      5734f1d9625c0e4a582eb761ae94f63e

    • SHA1

      419b708a78c4355432fae9d35fd3a5f86325aa1d

    • SHA256

      541817e5a8c4c962083e449edebd22d6919bce7539c8db7ca3e67476d006c58b

    • SHA512

      d48e92b375ee85211749f86c119429aa259312988424523fe65beb78025d5a65c82563d8a2c1b6f7ac4b174abacf827f3b68d37c9b1bad84d6504d220ec1efb8

    • SSDEEP

      768:u2lfPySSEcm2M26Khssz6or+01N0gd4q30hE2LXTxlwvOLYsfPGMmgt0AnjEUnrf:u2PSEh0e6LBE/xcGPGMmgtF4qrcC

    Score
    3/10
