General
-
Target
2025-05-29_e1e14c0281728f0dde0e74f44d5117e4_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry
-
Size
235KB
-
Sample
250529-2nwtzsy1hv
-
MD5
e1e14c0281728f0dde0e74f44d5117e4
-
SHA1
218c96b1dbf61aba63cffe64597e3c5555cddaca
-
SHA256
210238709b1ffca0c6000fc0a9dfcb245146febc4aa02e301332bd18cd2c8cc3
-
SHA512
1c2eb93a404942c52ee3dd03bdcccfe35ce71db8720002cdb98cfe53f71bf4018e125525c31d01738bd84aef96bdaf87fede3127948191ef19378bef34d9b749
-
SSDEEP
6144:YvnzhNKF0l2mDFNQLe0MJ7WQKu8Rk9mB4:YvnzhNw0l2WJ7KY9x
Static task
static1
Behavioral task
behavioral1
Sample
2025-05-29_e1e14c0281728f0dde0e74f44d5117e4_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
2025-05-29_e1e14c0281728f0dde0e74f44d5117e4_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
2025-05-29_e1e14c0281728f0dde0e74f44d5117e4_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Renames multiple (725) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-