Analysis
max time kernel: 101s
max time network: 127s
platform: windows11-21h2_x64
resource: win11-20250610-en
resource tags: arch:x64, arch:x86, image:win11-20250610-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 03/07/2025, 05:55
Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
Resource: win10v2004-20250610-en
Behavioral task: behavioral2
Sample: 2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
Resource: win11-20250610-en
General
Target: 2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
Size: 9.7MB
MD5: 9c41dac10ae486510808a5da592ca473
SHA1: 53c192a67787f26d6ec8e61086fdd0b5a7eb40c7
SHA256: d054156f2800b5e2a86c2f6a155176ad5de8cf79dd7cb703d0e6065e1ad5927e
SHA512: 8c5d91553a5995d9d369cf83d404da26359590faa55f8acb06d0f065315aa2d762dd316097bd725fbcc9544e5f8024c9d99079875f5366d51092b0f438ea1d4c
SSDEEP: 98304:hnrarj8kohy/QOucDGdta0aJgi14xNTEY9xFUkcVwNSHfbv/kaIhThwM:hraMb6DGPbGgi14NTx9Pe20/zkaiuM
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 5348
Process: 2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
Processes
C:\Users\Admin\AppData\Local\Temp\2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe
"C:\Users\Admin\AppData\Local\Temp\2025-07-03_9c41dac10ae486510808a5da592ca473_amadey_black-basta_darkgate_elex_luca-stealer.exe"
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID: 5348
Network
MITRE ATT&CK Enterprise v16
Downloads