General

  • Target

    2025-07-01_bd633979c9308f4d2facb6b7960b9be8_agent-tesla_amadey_black-basta_darkgate_elex_luca-stealer

  • Size

    25.6MB

  • Sample

    250701-j6vqjassgt

  • MD5

    bd633979c9308f4d2facb6b7960b9be8

  • SHA1

    b89d1a67eb0fecb754a4e30c9068067713317122

  • SHA256

    7498ae63d8632ff0262eeefe72e432c45a8a579a0bf4db25f6427baf678d138e

  • SHA512

    277741872227d4299d34e23f0296c7680d9200a9c00e5aae0084afabcbd697cee1cfe948708d4b3a6764ec68f940c66e344effe3e8d40c4e8fa122dfa5d935d5

  • SSDEEP

    786432:dXwh5ZPo5Rvjewynipa2IopRJQ9QVlv+txKI:GRPZwyni1gPV

Malware Config

Targets

    • Target

      2025-07-01_bd633979c9308f4d2facb6b7960b9be8_agent-tesla_amadey_black-basta_darkgate_elex_luca-stealer

    • Size

      25.6MB

    • MD5

      bd633979c9308f4d2facb6b7960b9be8

    • SHA1

      b89d1a67eb0fecb754a4e30c9068067713317122

    • SHA256

      7498ae63d8632ff0262eeefe72e432c45a8a579a0bf4db25f6427baf678d138e

    • SHA512

      277741872227d4299d34e23f0296c7680d9200a9c00e5aae0084afabcbd697cee1cfe948708d4b3a6764ec68f940c66e344effe3e8d40c4e8fa122dfa5d935d5

    • SSDEEP

      786432:dXwh5ZPo5Rvjewynipa2IopRJQ9QVlv+txKI:GRPZwyni1gPV

    • Checks computer location settings

      Looks up the country code configured in the registry (the locale values under HKCU\Control Panel\International); this is most likely a geofence check that decides whether the sample runs at all.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects (ATT&CK T1546.015). The usual method is to register an InprocServer32 value for an existing CLSID under HKCU\Software\Classes\CLSID, which Windows consults before the machine-wide entry under HKLM, so that a legitimate program loads the attacker's DLL whenever it instantiates that object.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      Rewrites the handler under HKCR\exefile\shell\open\command, whose stock value is "%1" %*, so that the attacker's binary is started in front of every .exe launched through the shell (ATT&CK T1546.001, Change Default File Association).

    • Reads user/profile data of web browsers

      Infostealers routinely harvest browser profile data: saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Checks installed software on the system

      Enumerates installed software by reading the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node and HKCU equivalents); malware commonly uses this to spot security products and analysis tools.

    • Installs/modifies Browser Helper Object

      BHOs are DLLs that Internet Explorer loads into its own process at startup. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, with the DLL path in that CLSID's InprocServer32 value, which makes them a long-standing persistence and traffic-interception mechanism.
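The three registry persistence signatures in the list above (the COM hijack, the changed exefile association and the BHO registration) leave traces in the same place and can be hunted for together in a registry export taken from a suspect host or disk image. The Python script below is an added example written for this page; it is not code from the sandbox, from the sample or from any of the named malware families. The .reg text it parses, and every CLSID and path in it, are constructed for illustration. The script resolves each CLSID the way Windows does (per-user Classes hive before the machine hive) and reports per-user InprocServer32 overrides, BHOs whose DLL comes from an override or a user-writable directory, and a non-stock exefile handler.

```python
"""Offline hunt for the COM-hijack, exefile-association and BHO signatures above in a .reg export."""
import re

DEFAULT_EXEFILE_COMMAND = '"%1" %*'  # stock handler for .exe files
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
# Order Windows uses when it builds HKCR: the per-user Classes hive shadows the machine hive.
ROOTS = ("hkey_current_user\\software\\classes\\", "hkey_local_machine\\software\\classes\\", "hkey_classes_root\\")

# Constructed sample export (hypothetical CLSIDs and paths, not from the analysed sample): a legitimate
# BHO, a BHO overridden in the user hive, a bare user-hive CLSID override, and a rewritten exefile handler.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAA1111-0000-0000-0000-000000000001}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAAA1111-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Program Files\\Vendor\\toolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBBB2222-0000-0000-0000-000000000002}]
[HKEY_CURRENT_USER\Software\Classes\CLSID\{BBBB2222-0000-0000-0000-000000000002}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Roaming\\svc\\helper.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{0000A000-0000-0000-0000-0000A000A000}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Local\\Temp\\x.dll"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Users\\victim\\AppData\\Roaming\\loader.exe\" \"%1\" %*"
'''

_KEY_RE = re.compile(r"^\[(.+)\]$")
_VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')  # @=... is the key's default value
_USER_CLSID_RE = re.compile(r"^hkey_current_user\\software\\classes\\clsid\\(\{[0-9a-f-]{36}\})\\inprocserver32$")
_BHO_RE = re.compile(r"^(?:hkey_local_machine|hkey_current_user)\\software\\(?:wow6432node\\)?microsoft\\windows"
                     r"\\currentversion\\explorer\\browser helper objects\\(\{[0-9a-f-]{36}\})$")

def parse_reg(text):
    """Parse a .reg export into {lowercased key path: {value name: data}}; REG_SZ decoded, other types raw."""
    reg, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()  # header, comments and blank lines match neither pattern and are skipped
        m = _KEY_RE.match(line)
        if m:
            current = m.group(1).lower()
            reg.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if m and current is not None:
            name = "@" if m.group(1) is None else re.sub(r"\\(.)", r"\1", m.group(1))
            data = m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo .reg escapes \\ and \"
            reg[current][name] = data
    return reg

def resolve_inproc_server(reg, clsid):
    """(dll, hive root) Windows would use for a CLSID, honouring HKCU-before-HKLM precedence."""
    for root in ROOTS:
        values = reg.get(root + "clsid\\" + clsid.lower() + "\\inprocserver32")
        if values and "@" in values:
            return values["@"], root
    return None, None

def find_com_hijacks(reg):
    """Per-user InprocServer32 entries (T1546.015): merged ahead of HKLM, they redirect the CLSID for that user."""
    hits = []
    for key, values in reg.items():
        m = _USER_CLSID_RE.match(key)
        if m and "@" in values:
            hits.append((m.group(1), values["@"]))
    return hits

def find_bhos(reg):
    """(clsid, dll, suspicious) per BHO: per-user override, user-writable directory, or unresolvable server."""
    out = []
    for key in reg:
        m = _BHO_RE.match(key)
        if m:
            dll, root = resolve_inproc_server(reg, m.group(1))
            bad = dll is None or root.startswith("hkey_current_user") or any(w in dll.lower() for w in USER_WRITABLE)
            out.append((m.group(1), dll, bad))
    return out

def check_exefile_association(reg):
    """Command run for every .exe opened via the shell (T1546.001), or None when it is the stock one."""
    for root in ROOTS:
        values = reg.get(root + "exefile\\shell\\open\\command")
        if values and "@" in values:
            cmd = values["@"].strip()
            return None if cmd == DEFAULT_EXEFILE_COMMAND else cmd
    return None

def hunt(reg_text):
    reg = parse_reg(reg_text)
    findings = [("com_hijack", c, d) for c, d in find_com_hijacks(reg)]
    findings += [("bho", c, d) for c, d, bad in find_bhos(reg) if bad]
    cmd = check_exefile_association(reg)
    if cmd:
        findings.append(("exefile_association", "exefile", cmd))
    return findings

if __name__ == "__main__":
    for kind, ident, detail in hunt(SAMPLE_REG):
        print(f"{kind:20} {ident}  ->  {detail}")
```

On a live host the input can be produced with `reg export` for HKCU\Software\Classes, HKCR\exefile and the Browser Helper Objects key and concatenated; `reg export` writes UTF-16, so open the files with encoding="utf-16" before passing the text to hunt(). The legitimate BHO in the sample is reported as clean only because its server resolves from the machine hive to a Program Files path; a BHO whose CLSID has no InprocServer32 at all is also flagged, since a dangling registration is unusual on a clean system and worth a look.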

MITRE ATT&CK Enterprise v16

Tasks