General
-
Target
2025-07-01_5e5fe3f9e52a6358704b00366ff96fe0_black-basta_elex_hijackloader_remcos
-
Size
5.7MB
-
Sample
250701-jw468a11ex
-
MD5
5e5fe3f9e52a6358704b00366ff96fe0
-
SHA1
6cd28ca9ad8db3aab9ecad7cc9d30c291c10b200
-
SHA256
28aea97975678242f0e5681e3277cb2fc52c9785114962442fbb3b6317a08d2f
-
SHA512
d8037f0a261189bac746eaf7201ada6d5dbf4b562a0dda4e9e03f6e0550ececd70f0986d15692618e7c2fb286e51e9d29df965b742d5fff70adfcb60898d95ac
-
SSDEEP
49152:wPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTPBJ:OKUgTH2M2m9UMpu1QfLczqssnKSk
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-01_5e5fe3f9e52a6358704b00366ff96fe0_black-basta_elex_hijackloader_remcos.exe
Resource
win10v2004-20250610-en
Malware Config
Targets
-
Target
2025-07-01_5e5fe3f9e52a6358704b00366ff96fe0_black-basta_elex_hijackloader_remcos
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v16
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)