General

  • Target

    2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo

  • Size

    12.1MB

  • Sample

    250423-qx1zhsyyav

  • MD5

    c9e9db1f35f609066e0e8625f4c36dcf

  • SHA1

    701d400bc402bd3e1cf4e380e788c434a7187b59

  • SHA256

    40e99a50bffbbf3e5ae55088e3e43c1dfccdf4021218fb415b6ae202d33ce3a7

  • SHA512

    19fb0365c0bed57f64fab2085a3a7e91842999748ff99fa50d8d4767260700700f7b40fdcdff3a3e55438e4477d145e9b4e44af5570ae420576ffd26e913c61e

  • SSDEEP

    98304:2ql27OuKr+gvhf2TlkqXf0FvUcwti78OqJ7TPBvc8X6Ucz:25OuK6mUkSIvUcwti7TQlvci6Uc

Targets

    • Target

      2025-04-23_c9e9db1f35f609066e0e8625f4c36dcf_black-basta_elex_hijackloader_luca-stealer_metamorfo

    • MilleniumRat

      MilleniumRat is a remote access trojan written in C#.

    • Milleniumrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
