General
-
Target
2025-04-04_36a98977f899c867f87110939865b2a3_akira_black-basta_hijackloader_remcos_rhadamanthys_smoke-loader
-
Size
10.3MB
-
Sample
250404-el5b1s1rv9
-
MD5
36a98977f899c867f87110939865b2a3
-
SHA1
5d0543addb9d142612bb793f25ca6ace0e8db854
-
SHA256
1b47e7b81a801b6e63f47beff6a5f66bb3752a1e85f91c6c6a8a8b4c014b0490
-
SHA512
4484e122ab35c346b30ceef8eacdafa7f0992f1b0c88f0f7e19fd84874ecb56b00e271a9500892f9b499913d506a5998f7b6e62297a67e50a3acff26c2019367
-
SSDEEP
98304:JIyC0oAaldmdmnp7KUgTH2M2m9UMpu1QfLczqssnKSa5d6w:TnKmd0ngTH2qBpu1QfLIqsufa5dH
Static task
static1
Behavioral task
behavioral1
Sample
2025-04-04_36a98977f899c867f87110939865b2a3_akira_black-basta_hijackloader_remcos_rhadamanthys_smoke-loader.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
2025-04-04_36a98977f899c867f87110939865b2a3_akira_black-basta_hijackloader_remcos_rhadamanthys_smoke-loader
Score
10/10
-
Disables service(s)
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Executes dropped EXE
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Account Manipulation 1
Create or Modify System Process 1
Windows Service 1
Privilege Escalation
Account Manipulation 1
Create or Modify System Process 1
Windows Service 1