General

  • Target

    2025-06-30_42c4e42a0c8a5aa0fa7e89871f7806f6_black-basta_darkgate_elex_gcleaner

  • Size

    7.3MB

  • Sample

    250630-tlb3ss1sbv

  • MD5

    42c4e42a0c8a5aa0fa7e89871f7806f6

  • SHA1

    d92caa65cebd97df5984192644fe0b99ef633c92

  • SHA256

    478896d0422e6254db5fe995ead8a70f59f9f79d5552b704b23ff9287078ab07

  • SHA512

    07926a9e9da09680d5e68b5dbdcfa523909c7c9ca843f3329ec109bf8f777c3e704607d495bbaed73ca70f98ab7746b461a20b174c0edaa8dafeba0f5039b0de

  • SSDEEP

    98304:8ugIIre9yDAD7KjjqkusjmqMhio1l9CV3JPFrC3:/IDewjqkjiqMLT9aJPFS

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
