Managed XDR
Group-IB MDP Report
File info
Filename: home-petik-ss-malware-2025-07-03_2aef540863d2439f5d3e71f0489d81de_amadey_black-basta_elex_luca-stealer_smoke-loader
File Type: PE32 executable (GUI) Intel 80386, for MS Windows
File Size: 3 MB
Env info
win7/x86 en
Hashes
SHA1: 6d74dc833c6fa577989ce4f6fedf4cd9a36cd8e7
SHA256: f08885f95e1421a4b63af782682c58b718a541466daccac2bd03c6693d38e9a2
MD5: 2aef540863d2439f5d3e71f0489d81de
Malwares
Tinba
Signatures
Privilege Escalation
T1134 opens_process_token: Opens the access token associated with a process
Defense Evasion
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process
Other
yara_rules: Static rules
no_graphical_activity: No graphic activity
next report: bf16091a-2c37-44f0-83e0-9b19d5da6582
previous report: 2677cef1-09be-45a8-9c08-c6ea17273ae3
Managed XDR