General
-
Target
2025-03-30_2a853d25b3990a68ace0715816e2ed03_black-basta_hawkeye_luca-stealer
-
Size
520KB
-
Sample
250330-h4654ssxey
-
MD5
2a853d25b3990a68ace0715816e2ed03
-
SHA1
7fd369dfa2c648a06126f40c1bcbf70590ce1cbf
-
SHA256
1c35cf6d9c6d45d769d5054ba292df89b12decfc15bc578aa5adfdbacd661aaa
-
SHA512
9f9bd7e332498e30160972643ac596c86f1fe3849ee86818ebe63275457f6481c9e1c9c50b41932b6111dbf26f68b5cb5ac70cbebe8faf7a4fbfbdae84a81829
-
SSDEEP
12288:ADtdhbVuzipg+0qis6mlDLTlmneFOCM8LTZcgkA97:ADb9VuUis6mlnTlIeUCM8vZx97
Static task
static1
Behavioral task
behavioral1
Sample
2025-03-30_2a853d25b3990a68ace0715816e2ed03_black-basta_hawkeye_luca-stealer.exe
Resource
win7-20240903-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2025-03-30_2a853d25b3990a68ace0715816e2ed03_black-basta_hawkeye_luca-stealer
-
Size
520KB
-
MD5
2a853d25b3990a68ace0715816e2ed03
-
SHA1
7fd369dfa2c648a06126f40c1bcbf70590ce1cbf
-
SHA256
1c35cf6d9c6d45d769d5054ba292df89b12decfc15bc578aa5adfdbacd661aaa
-
SHA512
9f9bd7e332498e30160972643ac596c86f1fe3849ee86818ebe63275457f6481c9e1c9c50b41932b6111dbf26f68b5cb5ac70cbebe8faf7a4fbfbdae84a81829
-
SSDEEP
12288:ADtdhbVuzipg+0qis6mlDLTlmneFOCM8LTZcgkA97:ADb9VuUis6mlnTlIeUCM8vZx97
-
Modifies firewall policy service
-
Sality family
-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5