TECHNICAL REPORT NEW LAMPION BANKING TROJAN VARIANT IN THE WILD
Common Information
Type Value
UUID 543cd41c-e58e-445e-8bf5-f1a7b7a1ed53
Fingerprint be792edcb32f84587d629d6489fe6d9730ee9c7609407b580df7c37bb7a8ac6a
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 30, 2023, 2:34 p.m.
Added to db March 10, 2024, 3:59 a.m.
Last updated Aug. 31, 2024, 6:28 a.m.
Headline TECHNICAL REPORT NEW LAMPION BANKING TROJAN VARIANT IN THE WILD
Title TECHNICAL REPORT NEW LAMPION BANKING TROJAN VARIANT IN THE WILD
Detected Hints/Tags/Attributes 48/3/53
Attributes