General

  • Target: LunarPremium.rar
  • Size: 14.1MB
  • Sample: 241231-1fl45szqfs
  • MD5: ff5ee15242f48764b2edc32fc5509e57
  • SHA1: dff0d50bede893472a25c8d9ceecc17f331d5ac4
  • SHA256: b249966552a1b64b965003684e6ed94fbed7b92472c4127fdf21653a84771e0a
  • SHA512: aeddfd2ed55db71e7184945c2cffda3190d9c6c9f58c85904253a9dd67ad8279562d9b5bc497d01c3eb087dc43e9e18fe847072dc38ed291839417c5d751ce9a
  • SSDEEP: 393216:xvd03n0BOxhr7t44HNetxAaWsyqUTwVUuxFUASuD:5wxhr7GqgAaW7qUT2UAS+

Malware Config

Targets

    • Target: LunarSpoofer/hwidspoof.exe
    • Size: 14.3MB
    • MD5: 0bab157a11bf6cb49f464f335f632114
    • SHA1: c3111056b6649a6c783cef6c4a7bac8beb30cb8f
    • SHA256: ffcc5b7fe6b090a601737ef13007714dd17af1019bbec008a3cc17714fcd3ce9
    • SHA512: 86352eb26fed1cd80f7cf51c31688314b1da8ecd10c146c89fcd9064615cef0bf711f667c58100036106abf9a0cde2e5f540c9188a3c61353de09dd6ab3cd54f
    • SSDEEP: 196608:Zf0sKYu/PaQ+Duvf7ndQmRJ8dA6lSuqaycBIGpEqo6hTOv+QKfwJnF7vDbrh/l56:fQPndQuslSq9RoWOv+9fgF/5spLcti

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive material.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks