luminosity | 9993ea4fb9b7e0b7c084658cfaa0f94f64e90a5d7ef7dd973cdf0697c208fed6 | Triage

Sharing

General

Target

d34289d0f2ac425fa5647d6acc488bcd_JaffaCakes118
Size

741KB
Sample

240908-b53ezszelg
MD5

d34289d0f2ac425fa5647d6acc488bcd
SHA1

72197d4d62768d09913e0e106128cb63884eef6a
SHA256

9993ea4fb9b7e0b7c084658cfaa0f94f64e90a5d7ef7dd973cdf0697c208fed6
SHA512

ff91f69d2e01d8a44e6b56908d4d3014e11199be4d8bf28e3b2cc6ed2730da925921c58cc77d32dc0be000d91e98bbc6f0f098059f5f3f717d23ad997a9e4ba0
SSDEEP

12288:MDOOXVRIBgJM6eB3IwnPkHKPZNoK8zW53kq7ZwRzHtL0QShru17/qXHx56RhPEqC:MDO56JM6eqmPKKPZN906ubLRll/WHxoq

Score

10^/10

luminosity discovery persistence rat

Malware Config

Targets

- Target
  
  d34289d0f2ac425fa5647d6acc488bcd_JaffaCakes118
- Size
  
  741KB
- MD5
  
  d34289d0f2ac425fa5647d6acc488bcd
- SHA1
  
  72197d4d62768d09913e0e106128cb63884eef6a
- SHA256
  
  9993ea4fb9b7e0b7c084658cfaa0f94f64e90a5d7ef7dd973cdf0697c208fed6
- SHA512
  
  ff91f69d2e01d8a44e6b56908d4d3014e11199be4d8bf28e3b2cc6ed2730da925921c58cc77d32dc0be000d91e98bbc6f0f098059f5f3f717d23ad997a9e4ba0
- SSDEEP
  
  12288:MDOOXVRIBgJM6eB3IwnPkHKPZNoK8zW53kq7ZwRzHtL0QShru17/qXHx56RhPEqC:MDO56JM6eqmPKKPZN906ubLRll/WHxoq
Score

10^/10

luminosity discovery persistence rat
- Luminosity
  Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.
  rat luminosity
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

luminositydiscoverypersistencerat

behavioral2

luminositydiscoverypersistencerat