General
- Target: 2025-07-04_10a14d1d26aaa8ee5e158d3140973871_agent-tesla_amadey_black-basta_elex_luca-stealer
- Size: 2.6MB
- Sample: 250704-ymrxvsxycy
- MD5: 10a14d1d26aaa8ee5e158d3140973871
- SHA1: b1255587dc53f0ac5fe381b68fc020be098b6122
- SHA256: 58cbf6ca0cea5a58c9fcf795f24ecb375397268d30dbf98a2b55b9057f706f29
- SHA512: 5dc787c8aa829f6720b00dafa76f6c88952ea8ff4b7946a94a768bd0811e5c45e5ba088e97c85f2d1ea71ff9d2299cc8941bc8f04293ba9200f53643b366d6ca
- SSDEEP: 49152:iPVt3LZeJbInQRa0ru26yXdmewByO9QaE6jHkCcf43Dmg27RnWGj:A7YbInQzdzwcJ67xcfWD527BWG
Static task
- static1

Behavioral task
- behavioral1
  - Sample: 2025-07-04_10a14d1d26aaa8ee5e158d3140973871_agent-tesla_amadey_black-basta_elex_luca-stealer.exe
  - Resource: win10v2004-20250619-en

Behavioral task
- behavioral2
  - Sample: 2025-07-04_10a14d1d26aaa8ee5e158d3140973871_agent-tesla_amadey_black-basta_elex_luca-stealer.exe
  - Resource: win11-20250610-en
Malware Config
Targets
- Target: 2025-07-04_10a14d1d26aaa8ee5e158d3140973871_agent-tesla_amadey_black-basta_elex_luca-stealer
Signatures
- Darkcloud family
- Drops startup file
- Executes dropped EXE
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v16
- Credential Access
  - Credentials from Password Stores (1)
    - Credentials from Web Browsers (1)
  - Unsecured Credentials (1)
    - Credentials In Files (1)