Overview

overview

10

Static

static

3

6d7f105a5d...f0.exe

windows7-x64

7

6d7f105a5d...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d7f105a5db2829c3e240341df88927c014a8c3899b106ebd16bc791b44406f0.exe

  • Size

    3.2MB

  • Sample

    250201-nbyk6azjfw

  • MD5

    f014e2750629f728dd4bf1ef3b7cde9a

  • SHA1

    068ac0bb69f26f9b95a7cd71f74b41b587760e0a

  • SHA256

    6d7f105a5db2829c3e240341df88927c014a8c3899b106ebd16bc791b44406f0

  • SHA512

    b7539a11fdae3efc33a9dc65d4ebdff8ee41eac1a8793f20b76cc21c142c3c3536d6e9b8e9d4c7dd58d7c3470990d266185548a51a1e94776cee582025c5a935

  • SSDEEP

    98304:vEpgwdMPzi3RRmiHMZ9X132hEHuAZwIqcyU2Tujn1i8NS1aU:MpgwdMPziLmiHCdYEKlTuj1iV

Score
10/10
luminositydiscoverypersistencerat

Malware Config

Targets

    • Target

      6d7f105a5db2829c3e240341df88927c014a8c3899b106ebd16bc791b44406f0.exe

    • Size

      3.2MB

    • MD5

      f014e2750629f728dd4bf1ef3b7cde9a

    • SHA1

      068ac0bb69f26f9b95a7cd71f74b41b587760e0a

    • SHA256

      6d7f105a5db2829c3e240341df88927c014a8c3899b106ebd16bc791b44406f0

    • SHA512

      b7539a11fdae3efc33a9dc65d4ebdff8ee41eac1a8793f20b76cc21c142c3c3536d6e9b8e9d4c7dd58d7c3470990d266185548a51a1e94776cee582025c5a935

    • SSDEEP

      98304:vEpgwdMPzi3RRmiHMZ9X132hEHuAZwIqcyU2Tujn1i8NS1aU:MpgwdMPziLmiHCdYEKlTuj1iV

    Score
    10/10
    discoveryluminositypersistencerat

    • Luminosity

      Luminosity is a RAT family that was on sale, while claiming to be a system administration utility.

      ratluminosity

    • Luminosity family

      luminosity

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks