General
Target: rust-stealer-xss.exe
Size: 5.8MB
Sample: 250403-vbv9cszsbs
MD5: cef223500250aef7b78ca318fe168e3e
SHA1: cb4e232f24800466cf6c7bf940046ef107075361
SHA256: 0532caaaee1ea76a55ff35f707dfdf5491a8a52f3b6fe53fedba3d817f80a292
SHA512: 49768813cc2c090753f0d9eed9a9bf31c75290c9dc1c3019071a1bbfc62a38d1fe04f3fec6c75e33dee5e67ae2fbc0390535a23483c0b5b4d185e8bca58f25a6
SSDEEP: 98304:0li0YSy5dP26vytLqQF9UPAxaJhMFAn+nF:D0Cn26c9rxaJAm
Static task: static1
Behavioral task: behavioral1
Sample: rust-stealer-xss.exe
Resource: win11-20250313-en
Malware Config
Targets
Target: rust-stealer-xss.exe
Score: 10/10
Lucastealer family

Unsecured Credentials: Credentials In Files
    Steal credentials from unsecured files.

Accesses cryptocurrency files/wallets, possible credential harvesting

Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.

Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.