General

  • Target

    2025-07-01_5e5fe3f9e52a6358704b00366ff96fe0_black-basta_elex_hijackloader_remcos

  • Size

    5.7MB

  • Sample

    250701-jw468a11ex

  • MD5

    5e5fe3f9e52a6358704b00366ff96fe0

  • SHA1

    6cd28ca9ad8db3aab9ecad7cc9d30c291c10b200

  • SHA256

    28aea97975678242f0e5681e3277cb2fc52c9785114962442fbb3b6317a08d2f

  • SHA512

    d8037f0a261189bac746eaf7201ada6d5dbf4b562a0dda4e9e03f6e0550ececd70f0986d15692618e7c2fb286e51e9d29df965b742d5fff70adfcb60898d95ac

  • SSDEEP

    49152:wPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTPBJ:OKUgTH2M2m9UMpu1QfLczqssnKSk

Malware Config

Targets

    • Target

      2025-07-01_5e5fe3f9e52a6358704b00366ff96fe0_black-basta_elex_hijackloader_remcos

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive, a common prelude to collecting or encrypting files on secondary and removable volumes.
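
The four behaviour signatures above are heuristics over what the sample did at runtime, not static indicators. The following is an added example, not the sandbox's own detection logic, showing how each of them can be expressed over a process-monitor style event trace. The event records, Procmon-style operation names ("CreateFile", "Process Create", "RegSetValue", "QueryDirectory") and all file, registry and process paths are constructed for illustration; the detector itself is the point: a file written into a Startup folder or a Run key, a process created from a path the trace previously saw written, a read of a browser profile store, and directory queries against drive roots other than C:.

```python
"""Heuristic detection of the four sandbox signatures listed above, run over a
constructed, Procmon-style event trace. Added example; not the sandbox's code."""
import re
from dataclasses import dataclass
from typing import Iterable


@dataclass(frozen=True)
class Event:
    pid: int
    image: str        # image path of the process that performed the operation
    operation: str    # Procmon-style name: "CreateFile", "Process Create", ...
    path: str         # file, registry key or child-process path touched
    detail: str = ""  # e.g. "Desired Access: Generic Write" for CreateFile


# Persistence locations: per-user/all-users Startup folder and Run/RunOnce keys.
STARTUP_FOLDER = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)
# Profile stores of Chromium-based browsers and Firefox (Login Data, Cookies,
# logins.json, key4.db all live under these directories).
BROWSER_PROFILE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\", re.I)
# A bare drive root such as "D:" or "D:\" as shown for a directory query.
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\?$")


def detect(events: Iterable[Event]) -> dict[str, list[str]]:
    """Return {signature_name: evidence_paths} for every behaviour seen in `events`."""
    hits: dict[str, list[str]] = {}
    created: set[str] = set()   # files written by traced processes (case-folded)
    drives: list[str] = []      # non-C: drive roots queried, in first-seen order

    def add(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for ev in events:
        op, p = ev.operation, ev.path
        wrote = op == "WriteFile" or (op == "CreateFile" and "Write" in ev.detail)
        if wrote:
            created.add(p.lower())
            if STARTUP_FOLDER.search(p):
                add("drops_startup_file", p)           # Startup-folder persistence
        if op == "RegSetValue" and RUN_KEY.search(p):
            add("drops_startup_file", p)               # Run-key persistence
        if op == "Process Create" and p.lower() in created:
            add("executes_dropped_exe", p)             # child image was written earlier
        if op in ("CreateFile", "ReadFile") and not wrote and BROWSER_PROFILE.search(p):
            add("reads_browser_profile", p)            # credential/cookie store access
        m = DRIVE_ROOT.match(p)
        if m and op in ("QueryDirectory", "CreateFile"):
            root = m.group(1).upper() + ":"
            if root != "C:" and root not in drives:    # C: is the default, not counted
                drives.append(root)
    if drives:
        hits["enumerates_drives"] = drives
    return hits


# Constructed trace: a dropper writes a .lnk to Startup and an EXE to %TEMP%,
# launches it, and the child reads browser stores and walks D: and E:.
DROPPER = r"C:\Users\victim\Downloads\setup.exe"
CHILD = r"C:\Users\victim\AppData\Local\Temp\svchosts.exe"
SAMPLE_TRACE = [
    Event(4120, DROPPER, "CreateFile",
          r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk",
          "Desired Access: Generic Write"),
    Event(4120, DROPPER, "CreateFile", CHILD, "Desired Access: Generic Write"),
    Event(4120, DROPPER, "Process Create", CHILD, "PID: 5204"),
    Event(5204, CHILD, "CreateFile",
          r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data",
          "Desired Access: Generic Read"),
    Event(5204, CHILD, "CreateFile",
          r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default-release\logins.json",
          "Desired Access: Generic Read"),
    Event(5204, CHILD, "QueryDirectory", "C:\\"),   # default drive: ignored
    Event(5204, CHILD, "QueryDirectory", "D:\\"),
    Event(5204, CHILD, "QueryDirectory", "E:\\"),
    Event(5204, CHILD, "RegSetValue",
          r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater", "Type: REG_SZ"),
]

# Constructed benign activity that must not trigger any signature.
BENIGN_TRACE = [
    Event(1234, r"C:\Windows\explorer.exe", "CreateFile",
          r"C:\Users\victim\Documents\notes.txt", "Desired Access: Generic Read"),
    Event(1234, r"C:\Windows\explorer.exe", "QueryDirectory", "C:\\"),
    Event(1234, r"C:\Windows\explorer.exe", "Process Create",
          r"C:\Windows\System32\notepad.exe", "PID: 2222"),
]

if __name__ == "__main__":
    for name, evidence in detect(SAMPLE_TRACE).items():
        print(f"{name}: {evidence}")
```

Running the block prints one line per triggered signature for the constructed dropper trace and nothing for the benign trace. The "executes dropped EXE" check is the one that depends on ordering: it only fires when the created-file set already contains the child's image path, which is why the trace must be processed in time order rather than grouped by process.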

MITRE ATT&CK Enterprise v16

Tasks