General

  • Target: Lunaris+Executor.rar
  • Size: 93.3MB
  • Sample: 250110-qfby3avmdw
  • MD5: b085d049e582c7248bf7a2e46d7abc46
  • SHA1: b87bb46ffbae6839b087eab8202347feeb443ce9
  • SHA256: 18838910634c5684dfaca94d9620316cf7ce21e85bf5a53409060a77de3c49fd
  • SHA512: a46be9e7143a466d69d41e61206c0c9ba2019243d042fd8ce94a5e45762d6ad4f0a848ea9bf5c70ac6a6dec9e1b8fcb9d1e94b407ca335909aa219b4e78cab48
  • SSDEEP: 1572864:SgWl8iDPcOnpBg+mfI608x/4GV0PmUblxXmZxaQpA40IDDJsPNSKVBlTQN/GPnQt:SPlJDPcOnvg+6I6fx/rV0PmU5xXmZxag

Targets

    • Target: Lunaris Executor/Lunaris Executor.exe
    • Size: 77.6MB
    • MD5: 23328bbac474ad59fb7cc49443a111f1
    • SHA1: b1957c920a80aacd68b2337c644974b68a2e6133
    • SHA256: 50c633e55df6721b20ca8ab9bf9a1f828d1311df96d26f90a8a2401949f53f26
    • SHA512: aaef761409d9fa75b8589ac281ab97b8c7fc782b7bf19ef3a73b8677ff15c36b47a08882392098dc28919267c0718b3979506f510ffe180ff6124cc156753845
    • SSDEEP: 1572864:PvHcRlKW6mSk8IpG7V+VPhqQdSTE7tlHeAiYweyJulZUdgwh6rRdEYV37U:PvHcRcpmSkB05awkSWdcpuch6rDto
    • Score: 9/10

    • Enumerates VirtualBox DLL files
    • Command and Scripting Interpreter: PowerShell
      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
    • Loads dropped DLL
    • Legitimate hosting services abused for malware hosting/C2
    • UPX packed file
      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Target: Lunaris Executor/libEGL.dll
    • Size: 467KB
    • MD5: 17662d1e0a2253ec36137808e23eeceb
    • SHA1: 51aff14e5a9511dd34168c7b66f8e1779e65bd60
    • SHA256: c974d5161beec3eceefafd253a77e909efe1a2906664a4021a15b0dd7d3fc06c
    • SHA512: 7b02d36d17f35c8b48c168bb3b866a17956e1a0c16492da5742951fdefda4f8e48a155b9368cb23eadb99dc6f51e13a92525a5a82715d5501aefd21e89413307
    • SSDEEP: 6144:juF2Dw0NiKxN6YTfDVTCanVJhPadWQo+mehJp/Ej4:60iKbbTfDVJ2dWQo+menp/EU
    • Score: 1/10

    • Target: Lunaris Executor/loader.dll
    • Size: 33.8MB
    • MD5: 1abc0c371d7a4fcde2cb41a025b4474d
    • SHA1: e715c98b090b8a5b74a372a4cee99fdbfe97517a
    • SHA256: e4e7e5f2fb941af2adfc76ad9fb22b18fe5418cfc5d45368f44c8d71e5889a2c
    • SHA512: eb28970cd77fcb1722605fd6a95df08e668f9a2d43049a701e64dc198a77757dfa8e1be7a7cbcd465ba23976124e6ffc9e7209d116668302722fe9da18c61a35
    • SSDEEP: 196608:2zEofeKAGyhJTlYHRSA6Et929rgJTCngHr1LOOCjc55TV+kr302EvE/MN8iTpyhN:2QKeKxyDxYxzLtReMr1vozkww3
    • Score: 1/10

    • Target: Lunaris Executor/sycl6.dll
    • Size: 3.7MB
    • MD5: 29cc5a0c895cf6f3ab4631eed6d3de96
    • SHA1: 3f8f9d44e400900e99eaa5cfb585fc5e381e4949
    • SHA256: 8d0f9d6fd405525301c10242dd748f7cd37cb1b811fad2913470aff47ffd83b1
    • SHA512: b26556118e510f035b3756dbd49c9688333ac1169a54acb7cee56f697b88097e9d239e751e8521e311774b455b6c03429e622904f2fe13a13b924f0ac721ae62
    • SSDEEP: 49152:tauP/S5Y+++UZAammx4uJHlnOIN9hke8/m3oBosvPEcGRu:Ttv6zDJ
    • Score: 1/10
