General

  • Target

    2025-05-08_6b2391b9f08242dcb6e39237b6e820d0_amadey_black-basta_darkgate_elex_hellokitty_luca-stealer_metamorfo_smoke-loader

  • Size

    23.4MB

  • Sample

    250508-hq6bnayydy

  • MD5

    6b2391b9f08242dcb6e39237b6e820d0

  • SHA1

    ed8ed8dadd55ffddb0ea47acf62254cdb1b4e205

  • SHA256

    507aa5a8f21a42fb273d91f326f5c60bd76f744bd1b2a96f21b45ca398ddabac

  • SHA512

    66a50ee378f9080ae6dc576eb39ba973a75b8e6b00b2233ffeb8ba3ae29d270d964e27987141b375b72dfb58142591ef154d4ad7f0530b322fbb7ce10cb36b0f

  • SSDEEP

    393216:psVXr3hExEMNu13tHyCHuyCH/1hqLea3eA0T5xN:mJjhvou13tHBuB2evAaL

Malware Config

Targets

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.

MITRE ATT&CK Enterprise v16

Tasks
