Analysis
-
max time kernel
15s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
27/03/2025, 00:47
General
-
Target
2025-03-27_0ea6cd4aab1215cd1daf61c7ae7e179f_black-basta_cobalt-strike_satacom.exe
-
Size
8.3MB
-
MD5
0ea6cd4aab1215cd1daf61c7ae7e179f
-
SHA1
6a3c082bee8c93e84ae5e2234dce7fe445ba364d
-
SHA256
e8eacd92b47c102ca279256923803e2cb5451bc25c7289bffb3c49c32b01ee59
-
SHA512
2c84e07d68e996e465e5311f9d77a8800d83362f694dc939364c23506d33dc109d6d0271d2b846763e1c1315e27688179f7d02077ff7415f9fda2425dbde6c1c
-
SSDEEP
196608:O0yWqWQ3FSsFXMCHGLLc54i1wN+aV0cSXl74w4Uqpn81z816:O3FSsFXMCHWUjCVg74w0p36
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2025-03-27_0ea6cd4aab1215cd1daf61c7ae7e179f_black-basta_cobalt-strike_satacom.exe"C:\Users\Admin\AppData\Local\Temp\2025-03-27_0ea6cd4aab1215cd1daf61c7ae7e179f_black-basta_cobalt-strike_satacom.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2025-03-27_0ea6cd4aab1215cd1daf61c7ae7e179f_black-basta_cobalt-strike_satacom.exe"C:\Users\Admin\AppData\Local\Temp\2025-03-27_0ea6cd4aab1215cd1daf61c7ae7e179f_black-basta_cobalt-strike_satacom.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.8MB
MD5501080884bed38cb8801a307c9d7b7b4
SHA1881b250cc8f4fa4f75111ac557a4fde8e1e217af
SHA256bf68cf819a1e865170430c10e91c18b427aef88db1da1742020443864aa2b749
SHA51263d74a4871d1c72c2a79ae8a5d380070f9d2128c16949c3ad36c9862fcc4dab738137ed3d51caf0bc46b36655f8bd8a2d425d68200123415ee8d4de0e1cbebc9