General

  • Target

    2025-07-04_08dc419aefe62b39e5070137a0f8e309_amadey_black-basta_darkgate_elex_hawkeye_hijackloader_luca-stealer_smoke-loader

  • Size

    1.3MB

  • Sample

    250704-p2sy2as1cx

  • MD5

    08dc419aefe62b39e5070137a0f8e309

  • SHA1

    f31699ce7e894e9c9c642fd9981051423c7f59c7

  • SHA256

    94d00f62d99e05f4d7ef678015538dc07e4d1802e0bc549ebfd3926d3dc5fa78

  • SHA512

    5af65e02e438c2ea37c8fc06a25add40f85e8415c1514efcbd2760b9d3eef87ed069d31fad45703c10237c63b6e5db33cfa62e5cb6327973cf4fbd319ad60810

  • SSDEEP

    24576:M1E9tnli1E9tnlm+MK/Rjd48OMaewsAjzHQy5Sk2nwf:oGeGO+njdzOvljv92nu

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks