General

  • Target

    2025-07-04_65c1f162f5cd22ef5b909720d9662edc_amadey_avoslocker_black-basta_elex_luca-stealer_lynx_remcos_smoke-loader

  • Size

    1.7MB

  • Sample

    250704-nnrclsdn4v

  • MD5

    65c1f162f5cd22ef5b909720d9662edc

  • SHA1

    9a4c425c56e6f5b45dcc838e3c8da6103637cd34

  • SHA256

    9204ad462156187270b4f557b0360683efa13b93261f8a0270ee537f5a86c3dc

  • SHA512

    5103c8570d5330f12a93fdee124b78cf44a1d4445863d128caf0c5a02bcbe9f97b581c9a2ac56519ad3dbba35608ea746ebd2d296b86b2c3d4410336e775d001

  • SSDEEP

    49152:d5huCXglIimUfkVUK1gF5SW6H8DS52tdDpbRZy:dmCXgl+UQUKM5SSDntdDpbRZy

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks