General

  • Target

    2024-11-19_dd9f4944c12fdcd39d200cd374ca8bff_luca-stealer_magniber

  • Size

    14.8MB

  • Sample

    241119-yy27za1gqd

  • MD5

    dd9f4944c12fdcd39d200cd374ca8bff

  • SHA1

    f3d5838318f261bf5607e99ecb04ff97ab92536d

  • SHA256

    6247c56d501cfc3fab88493ec3ace9412acd2c0f87be310104cb2a92abe9f910

  • SHA512

    696f7b41621107725b38432e6ac2d0cde88c7b3a326839c7468921dbe2ef7feef2d552af0dc3dea7a37b785c4764fea76fe534b381d99b187b1514096ef96f37

  • SSDEEP

    196608:mp/cHhw2rNAWgd/i7D4/mO4y/i2GhC5HeHxMX0RyXOcCn65U:YcDuWgd/i7C/iHh4WxPpcC+U

Malware Config

Targets

    • Renames multiple (300) files with added filename extension

      This suggests ransomware activity: the files on the system are being encrypted and renamed.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks