General

  • Target

    2025-07-04_f5c1d626facab637813d2ea3686cb429_amadey_black-basta_darkgate_elex_hawkeye_luca-stealer_smoke-loader

  • Size

    1.3MB

  • Sample

    250704-ppsgqshp4v

  • MD5

    f5c1d626facab637813d2ea3686cb429

  • SHA1

    5eda19331d8ce4f1012bae55d099738e65a8c60f

  • SHA256

    67bc0b9f7166d1086f1d2994ca7fabe58bc981a9f5cf0cab2dc74328f4ce1638

  • SHA512

    a6c48d42b5a7437a656de0ebfcecd7b052881d1d997b146e8ad80247590d7371eb7953c6c535c7e2782d10a7458a7df43a21e4112ea64d23bfe96379954570ee

  • SSDEEP

    24576:M1E9tnli1E9tnlm+MK/Rjd48OMaewsAjzHQy5Sk2eITe:oGeGO+njdzOvljv92RTe
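Before acting on the behaviours listed further down, confirm that the file you hold is the one the sandbox actually ran. The block below is an added example, not part of the report or of the sandbox's tooling: it recomputes the four cryptographic digests listed above in a single streaming pass and reports any that disagree with the report. REPORT_HASHES, digest_file and compare_to_report are names chosen here; ssdeep is deliberately left out because it is a fuzzy hash that hashlib does not provide.

```python
import hashlib
from pathlib import Path

# Digests copied from the report above; used to confirm that a local copy of
# the sample is the same file the sandbox analysed.
REPORT_HASHES = {
    "md5": "f5c1d626facab637813d2ea3686cb429",
    "sha1": "5eda19331d8ce4f1012bae55d099738e65a8c60f",
    "sha256": "67bc0b9f7166d1086f1d2994ca7fabe58bc981a9f5cf0cab2dc74328f4ce1638",
    "sha512": "a6c48d42b5a7437a656de0ebfcecd7b052881d1d997b146e8ad80247590d7371eb7953c6c535c7e2782d10a7458a7df43a21e4112ea64d23bfe96379954570ee",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
# ssdeep (the fuzzy hash in the report) is not in hashlib; compute it with the
# ssdeep CLI or python-ssdeep if you need to compare it as well.


def digest_bytes(data: bytes) -> dict[str, str]:
    """Hex digests of an in-memory buffer, one per algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path, chunk_size: int = 1 << 20) -> dict[str, str]:
    """Hex digests of a file, computed in one streaming pass so the sample is
    read from disk only once even when it is large."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(actual: dict[str, str], expected: dict[str, str]) -> dict[str, tuple[str, str]]:
    """Return {algorithm: (expected, actual)} for every digest that disagrees.
    Comparison is case-insensitive; an empty result means the local file
    matches the report on every algorithm the report lists."""
    mismatches = {}
    for name, want in expected.items():
        got = actual.get(name, "")
        if got.lower() != want.strip().lower():
            mismatches[name] = (want, got)
    return mismatches


if __name__ == "__main__":
    import sys

    bad = compare_to_report(digest_file(sys.argv[1]), REPORT_HASHES)
    if not bad:
        print("sample matches the report on", ", ".join(ALGORITHMS))
    for name, (want, got) in bad.items():
        print(f"{name}: report={want} local={got}")
```

Run it as `python verify.py <path-to-sample>`; a single mismatch is enough to treat the local file as a different sample, since the sandbox behaviours below were observed for the file with exactly these digests.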

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
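The signatures above are the sandbox's own observations. To look for the same behaviours in endpoint telemetry, here is an added example (not the report's or the sandbox vendor's code) that runs simple rules over constructed Sysmon-style events: it correlates a FileCreate (EventID 11) with a later ProcessCreate (EventID 1) of the same path for "Executes dropped EXE", matches Run/RunOnce value writes (EventID 13), autorun.inf creation, and writes under System32 by a process that does not itself live there. The events, paths and the parse_events/triage names are constructed for illustration.

```python
import json
import ntpath  # splits Windows paths correctly even when run on Linux/macOS

# Constructed Sysmon events (not taken from the report), as the JSON lines a
# log shipper would forward. EventID 11 = FileCreate, 13 = RegistryEvent
# (value set), 1 = ProcessCreate. Paths and names are illustrative only.
SAMPLE_EVENTS = r"""
{"EventID": 11, "Image": "C:\\Users\\victim\\Downloads\\invoice.exe", "TargetFilename": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe"}
{"EventID": 1, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe", "ParentImage": "C:\\Users\\victim\\Downloads\\invoice.exe"}
{"EventID": 13, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe", "TargetObject": "HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater", "Details": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe"}
{"EventID": 11, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe", "TargetFilename": "E:\\autorun.inf"}
{"EventID": 11, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\svhost32.exe", "TargetFilename": "C:\\Windows\\System32\\drivers\\etc\\hosts.bak"}
{"EventID": 11, "Image": "C:\\Windows\\System32\\svchost.exe", "TargetFilename": "C:\\Windows\\System32\\config\\systemprofile\\x.tmp"}
{"EventID": 1, "Image": "C:\\Windows\\System32\\notepad.exe", "ParentImage": "C:\\Windows\\explorer.exe"}
"""

RUN_KEY_MARKERS = ("\\currentversion\\run\\", "\\currentversion\\runonce\\")
SYSTEM32 = "c:\\windows\\system32\\"


def parse_events(text: str) -> list[dict]:
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def triage(events: list[dict]) -> list[tuple[str, str, str]]:
    """Return (signature, acting image, evidence) for every rule hit, in event
    order. Events must be chronological for the drop-then-execute correlation."""
    findings = []
    dropped: set[str] = set()  # lower-cased paths created earlier in the run
    for ev in events:
        eid = ev.get("EventID")
        image = ev.get("Image", "")
        if eid == 11:
            target = ev.get("TargetFilename", "")
            low = target.lower()
            dropped.add(low)
            if ntpath.basename(low) == "autorun.inf":
                findings.append(("Drops autorun.inf file", image, target))
            # A process living in System32 writing there is routine; one that
            # lives elsewhere (Temp, a user profile) writing there is not.
            if low.startswith(SYSTEM32) and not image.lower().startswith(SYSTEM32):
                findings.append(("Drops file in System32 directory", image, target))
        elif eid == 13:
            obj = ev.get("TargetObject", "")
            if any(marker in obj.lower() for marker in RUN_KEY_MARKERS):
                findings.append(("Adds Run key to start application", image, obj))
        elif eid == 1:
            # Starting a binary that this same run created is the dropped-EXE pattern.
            if image.lower() in dropped:
                findings.append(("Executes dropped EXE", image, ev.get("ParentImage", "")))
    return findings


if __name__ == "__main__":
    for sig, image, evidence in triage(parse_events(SAMPLE_EVENTS)):
        print(f"{sig:36} {image} -> {evidence}")
```

Two caveats. Sysmon has no generic file-read event, so "Reads user/profile data of web browsers" cannot be matched from these events; on an endpoint that needs object-access auditing (Security event 4663 with a SACL on the browser profile directory) or EDR file-read telemetry. The process-location filter on the System32 rule only drops the most routine OS writes; a production rule allowlists by code-signer and path instead.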

MITRE ATT&CK Enterprise v16

Tasks