Extracted

• • Target

    2025-04-01_065029491d64e41610d29b401a173afe_amadey_black-basta_hijackloader_luca-stealer

  • Size

    4.4MB

  • MD5

    065029491d64e41610d29b401a173afe

  • SHA1

    938c3da5cad02617f8924874abda72e0121ea357

  • SHA256

    9e78f89ffa70b6426595e1007db89bc2bd9fd39600d659a347f4689c5a1e67ad

  • SHA512

    9716a64662d5235c71aa3b2e21460bc105f6656fb5a5544c722f01de4321970b19f29548aae48506e75f15a0edd1f02021023cbfaaeac4074ca52421ccf79ca6

  • SSDEEP

    98304:WGhi/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/i/X:8qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqO

  Score

  10^/10

  valleyrat_s2backdoordiscovery

  • ValleyRat

    ValleyRat stage2 is a backdoor written in C++.

    backdoorvalleyrat_s2

  • Valleyrat_s2 family

    valleyrat_s2

  • Executes dropped EXE

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1