Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines
Oct. 9, 2024, 4:05 p.m.
Tags
External References
Description
Over the past year, the delivery of Lua malware appears to have undergone simplification, possibly to reduce exposure to detection mechanisms. The malware is frequently delivered using obfuscated Lua scripts instead of compiled Lua bytecode, as the latter can trigger suspicion more easily.
Date
Published: Oct. 9, 2024, 3:37 p.m.
Created: Oct. 9, 2024, 3:37 p.m.
Modified: Oct. 9, 2024, 4:05 p.m.
Indicators
e09370c9adc09c15eb8d05301bd3c74ef76e98b8a2fa2089df9c4ec5d7b4e047
b3ecbe4132598ef746e2111ba29f46af06886677d18595b6845849577121707a
afd731bb658525845c8ee4216b05ce0c9c8b2e8b745884fbefeb01ef331163a1
aecdaa94885c3fcd856c3516311bf366ac5ee13b43c28560eadc1f637efcf432
9aacf8f59b8daff24161549378c95174dac40b2fb01d7b8a78b513d3d35f6411
98418f7079cc11970899a18098425d22414663301dbbad1c892a8c702b90223f
8e59a9de633fc1e0a9da10268c606b898e7d5a6645ee21851465e027aefbaec9
3b515469aba46a0a08d8fcbd8feb98ce9bcebfa1a48d56be586dc9aa4584c0c2
308721f4dc7818aed5f0282a3efa5944c1d16e97b0cb3bb5786009a186ea9791
77.73.129.64
212.193.4.66
185.236.228.12
185.221.198.82
185.208.158.36
146.19.128.146
solaraexec.cc
nickcano.com
electronexec.com
Attack Patterns
Lua
T1113
T1573
T1102
T1027
T1059
Additional Informations
Gaming