Overview

overview

10

Static

static

10

Luna-Grabb...er.exe

windows7-x64

7

Luna-Grabb...er.exe

windows10-2004-x64

8

Luna-Grabb...ion.py

windows7-x64

3

Luna-Grabb...ion.py

windows10-2004-x64

3

Luna-Grabb...ate.py

windows7-x64

3

Luna-Grabb...ate.py

windows10-2004-x64

3

Luna-Grabb...upx.py

windows7-x64

3

Luna-Grabb...upx.py

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2024 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Luna-Grabber-main/Builder.exe

  • Size

    7.3MB

  • MD5

    a215edd9d9788492b561858e44184bca

  • SHA1

    77d8816ecce79f525c118687149e2f3b68dcb984

  • SHA256

    7fbbefdae9adf0f81808b9decf48c08ba4a47293e80cd4855c083ab1f392c184

  • SHA512

    64dfdf28e74a95af3cef3ad89b45d656bb49fba705665aad7878a397f18ae1c1a7e1aca2df466e80179f130b5350f0ac1eea26affe940742c2c42b8930f035ff

  • SSDEEP

    196608:uuWYS6uOshoKMuIkhVastRL5Di3uq1D7mW:IYShOshouIkPftRL54DRX

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\Builder.exe
    "C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\Builder.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1576
    • C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\Builder.exe
      "C:\Users\Admin\AppData\Local\Temp\Luna-Grabber-main\Builder.exe"
      2⤵
      • Loads dropped DLL
      PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI15762\python311.dll
    Filesize

    1.6MB

    MD5

    5f6fd64ec2d7d73ae49c34dd12cedb23

    SHA1

    c6e0385a868f3153a6e8879527749db52dce4125

    SHA256

    ff9f102264d1944fbfae2ba70e7a71435f51a3e8c677fd970b621c4c9ea71967

    SHA512

    c4be2d042c6e4d22e46eacfd550f61b8f55814bfe41d216a4df48382247df70bc63151068513855aa78f9b3d2f10ba6a824312948324c92de6dd0f6af414e8ab

    Download Submit

  • memory/2388-23-0x000007FEF5810000-0x000007FEF5DF9000-memory.dmp

    Filesize

    5.9MB

    Download