General
-
Target
2025-05-29_03b116f38185c7170da971b4b813545c_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry
-
Size
235KB
-
Sample
250529-le54asbk71
-
MD5
03b116f38185c7170da971b4b813545c
-
SHA1
a203e2c0284da07e4fcb8a7f5ec97ec80f39c5b2
-
SHA256
705907830a4f4b19968732b6faa9856a79384c725b4546c96295c1c1f01e662a
-
SHA512
af4a4b996798209101391c2c5eb2edc078b2923c0fe21e3ce17e64ab77a5482f16bec0c6c3335db35967072f476f3d94c6e05fbe36045770ad44910ee28c02e8
-
SSDEEP
3072:JswZ6dzz8cniRUwYa35U4cUlONalsomMu2rKzQZU+8RV6g+r8VMAmGi7fNjrk:JlIzzFn2U785U43wseDMHruQG+8RqPQ
Static task
static1
Behavioral task
behavioral1
Sample
2025-05-29_03b116f38185c7170da971b4b813545c_amadey_black-basta_cobalt-strike_elex_luca-stealer_smoke-loader_wannacry.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Renames multiple (669) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Drops desktop.ini file(s)