General

  • Target

    2025-07-04_2d234aa6ba2342363070fc9f88f0d5cd_amadey_black-basta_darkgate_elex_hawkeye_hijackloader_luca-stealer_smoke-loader

  • Size

    1.3MB

  • Sample

    250704-p2pllstmt6

  • MD5

    2d234aa6ba2342363070fc9f88f0d5cd

  • SHA1

    5a0bb8e759057e11c5f19fd630d4f0b6c898250a

  • SHA256

    e525d35406e7646dcba9498741ceb5797938bef6888482a92eda25124e95e67f

  • SHA512

    b77bc8a01f099c0215d62b41809ce4087c0ffd06c5b83e1a92b1d7944601f4ed4cfe2e35665c135b37fc9aac1e1f9c53b5db46961733a5280ee2744bbe0a0d80

  • SSDEEP

    24576:M1E9tnli1E9tnlm+MK/Rjd48OMaewsAjzHQy5Sk2x+NM+d:oGeGO+njdzOvljv92xx+d

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks