General

  • Target

    2025-07-03_18be000b4bcf0d4f399864b4519906e5_amadey_avoslocker_black-basta_darkgate_elex_luca-stealer_lynx

  • Size

    2.6MB

  • Sample

    250703-f7wgnstyew

  • MD5

    18be000b4bcf0d4f399864b4519906e5

  • SHA1

    ce6e2e123d532921a540b1ebf57c23b1d07dfb95

  • SHA256

    0d036e0d1d1587a9e9c7c80debee0a0c47a99b0548c09267944a25314fb47d52

  • SHA512

    421d207e659733c79f9ad36dd09ba8eec17c7541879e0aceb8bc16c40fb83995c1ac47115f563b4a48c14fa23ef9e6af075485fa3b66cf86dc97bc4a656d741d

  • SSDEEP

    49152:GD1BoYq7gelWP/iV6Vp2ZXJdEIC/3gRz:BYqMespVpQdEICkz

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive profile data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
