General
-
Target
2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo
-
Size
12.1MB
-
Sample
250423-qx1zhsyyav
-
MD5
c9e9db1f35f609066e0e8625f4c36dcf
-
SHA1
701d400bc402bd3e1cf4e380e788c434a7187b59
-
SHA256
40e99a50bffbbf3e5ae55088e3e43c1dfccdf4021218fb415b6ae202d33ce3a7
-
SHA512
19fb0365c0bed57f64fab2085a3a7e91842999748ff99fa50d8d4767260700700f7b40fdcdff3a3e55438e4477d145e9b4e44af5570ae420576ffd26e913c61e
-
SSDEEP
98304:2ql27OuKr+gvhf2TlkqXf0FvUcwti78OqJ7TPBvc8X6Ucz:25OuK6mUkSIvUcwti7TQlvci6Uc
Static task
static1
Behavioral task
behavioral1
Sample
2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo
Score
10/10
-
Milleniumrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-