Managed XDR
Group-IB MDP Report
File info
Filename: home-petik-ss-malware-2025-07-03_694373ee2066292f04e823aa399d29dd_amadey_black-basta_elex_luca-stealer_smoke-loader
File Type: PE32 executable (GUI) Intel 80386, for MS Windows
File Size: 3 MB
Env info
win7/x86 en
Hashes
SHA1: 157f045c844efbfd60f8eb7484c6709f9487ace8
SHA256: 6bda9d9b353c48a5028c1db6c62c60494f446b713ca1687d7796d1d1119d9096
MD5: 694373ee2066292f04e823aa399d29dd
Malwares
Tinba
Signatures
Privilege Escalation
T1134 opens_process_token: Opens the access token associated with a process
Defense Evasion
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process
Other
yara_rules: Static rules
no_graphical_activity: No graphic activity
next report: c58d0fb3-9f61-4663-bff9-d7521456789c
previous report: 12f59bf3-7712-4844-b321-58868dbef1ce
Managed XDR