General

  • Target

    2025-07-03_a67ff9d45f5af20b47da40162fba61cf_amadey_black-basta_coinminer_darkgate_elex_hijackloader_luca-stealer_qakbot_swisyn

  • Size

    4.3MB

  • Sample

    250703-gnmabsvnt6

  • MD5

    a67ff9d45f5af20b47da40162fba61cf

  • SHA1

    c0913b35528a5b99b49d1f43b7e5b1a36a0f3f42

  • SHA256

    8c52953d71a3d290f94e472553219ac51d9b56e4dcd72dc468633842bf45924c

  • SHA512

    4fae31818be89b175817fa85c0d927ee39bbadd4697cf1c4c5877d98bbf43f7e171b2c5a4a3e3e835dad2c0b3aeb1190fac53a3e6925c17834077b7c4ee43524

  • SSDEEP

    49152:tx9egtsrW4x8cCkSfW5GSdDRTCkJGJuYlAWGs5F8XSUgry+UABmtPz0TIlMCKgzk:/9eFrWo5GSxRvJEuOG6GS++UVd0TKk

Malware Config

Targets

    • Target

      2025-07-03_a67ff9d45f5af20b47da40162fba61cf_amadey_black-basta_coinminer_darkgate_elex_hijackloader_luca-stealer_qakbot_swisyn

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks