Managed XDR
Group-IB MDP Report
File info
Filename: home-petik-ss-malware-2025-07-03_e0b12173a29b286b8307892644ae42ad_amadey_black-basta_elex_luca-stealer_smoke-loader
File Type: PE32 executable (GUI) Intel 80386, for MS Windows
File Size: 3 MB
Env info
win7/x86 en
Hashes
SHA1: b1ce5e0d91420fa428991c933354bf7a6939722b
SHA256: 54fb223aca743f4ee0493c7088925969291394d133db5513d85ea84b930a1e6e
MD5: e0b12173a29b286b8307892644ae42ad
Malwares
Tinba
Signatures
Privilege Escalation
T1134 opens_process_token: Opens the access token associated with a process
Defense Evasion
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process
Other
yara_rules: Static rules
no_graphical_activity: No graphic activity
next report: dc4e1a8f-1e38-431f-8342-4dc5c882c67f
previous report: 04f5cd82-a21e-4c73-984a-736643253edb
Managed XDR