LEMPO

Description

(Proofpoint) Once the malware, which is an updated version of Liderc that Proofpoint has dubbed LEMPO, establishes persistence, it can perform reconnaissance on the infected machine, save the reconnaissance details to the host, exfiltrate sensitive information to an actor-controlled email account via SMTPS, and then cover its tracks by deleting that day’s host artifacts.

Names

Name
LEMPO

Category

Malware

Type

  • Reconnaissance
  • Info stealer
  • Exfiltration

Information

AlienVault OTX

Other Information

UUID

39df9603-9b08-4897-9ac8-7a66a8b728b1

Last Card Change

2021-08-10