Managed XDR
Group-IB MDP Report
File info
Filename: home-petik-ss-malware-2025-07-03_06486da522cafb1de93b1e5c3e5f4b4c_amadey_black-basta_elex_luca-stealer_smoke-loader
File Type: PE32 executable (GUI) Intel 80386, for MS Windows
File Size: 3 MB
Env info
win7/x86 en
Hashes
SHA1: 4ec6061159f037df9d6e6a72e0c812898695f6ec
SHA256: 367f2699167b32bfafaee8204d8103416e334633dd930fc7add9d2741db4f133
MD5: 06486da522cafb1de93b1e5c3e5f4b4c
Malwares
Tinba
Signatures
Privilege Escalation
T1134 opens_process_token: Opens the access token associated with a process
Defense Evasion
T1027.002 pe_features: Executable file has PE anomalies (may be false positive)
T1134 opens_process_token: Opens the access token associated with a process
Other
yara_rules: Static rules
no_graphical_activity: No graphic activity
next report: ecccf8e9-5327-4400-b5cc-3f7a650c41c7
previous report: 3c731db5-4756-4e66-9b51-e7e10d801775
Managed XDR