General

  • Target

    2025-05-30_ed57e44854ea29b986be4aa51a95cab5_amadey_black-basta_elex_luca-stealer

  • Size

    9.1MB

  • Sample

    250530-a98bcscm3s

  • MD5

    ed57e44854ea29b986be4aa51a95cab5

  • SHA1

    f3db55bd4c3d8089d9e0af2e8258191e641b143d

  • SHA256

    60c6119d2d8a91e4573b0b77bfb9fb9a389ebf00860908d7485d771c7a511bfe

  • SHA512

    2b5fba09f5c43aa658913c2881a4277498b002c179c63eb729b6d1e380d86a26d3785f2f1104ba32931be4c6c5878571c92d2b37721293dfff5389ab3302aea7

  • SSDEEP

    98304:dGyqWyWy0GyqWyWyMRPC1em1eHL5dGTEYm:O1em1eHL5dem

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v16

Tasks