Extracted

• • Target

    2025-04-03_ce83433a14b93f60e6eb64e4b20790ba_black-basta_luca-stealer

  • Size

    2.2MB

  • MD5

    ce83433a14b93f60e6eb64e4b20790ba

  • SHA1

    be81c04340a43e99b8b0a065664c98be39040ca4

  • SHA256

    11f19797364832d08cd3855035729a23e44c2237ff5cf880e45eba5e3d5f3158

  • SHA512

    a4827a5000bd1db565606c349052650740f39aa24e3a75a49c9f4f4b1795b244dc18bd87c2509b498b6e32a689004ce209f72495e31bb2f14baa327d7da820d1

  • SSDEEP

    49152:bTmpVJUOyTmpVJUOyTmpVJUOyTmpVJUOyTmpVJUOyTmpVJUO9:bTmpV4TmpV4TmpV4TmpV4TmpV4TmpVX

  Score

  10^/10

  mylobotbotnetdiscoverypersistence

  • Mylobot

    Botnet which first appeared in 2017 written in C++.

    botnetmylobot

  • Mylobot family

    mylobot

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1