General
-
Target
2025-03-30_e4a4f79d4043600af780bd6a7b996855_black-basta_cobalt-strike_satacom
-
Size
10.8MB
-
Sample
250330-dxbcmsyygt
-
MD5
e4a4f79d4043600af780bd6a7b996855
-
SHA1
58249cdfc0d96bdecdb53a04fa84c8587f28fda5
-
SHA256
7d274ce63de1d885d7a5c4bb70436831f38f1e652ae837982a176a02f6896cc7
-
SHA512
a7a3a8e8a5da169bf16af337b713e3aab09b4ec8b9ab50cfeca047e69d39c68e888e4eaaed96a68626fbd7c9614894227b3c6b04df265e236967649b0fc686c3
-
SSDEEP
196608:Z0u78K/ZfwdQmRJ8dA6lfuqaycBIGpEGo6hTOv+QKfgaq1CivWDvlLUpLUC1YiP:Wu7L/+dQuslfq9foWOv+9fIqNLUpr
Malware Config
Targets
-
-
Target
2025-03-30_e4a4f79d4043600af780bd6a7b996855_black-basta_cobalt-strike_satacom
-
Size
10.8MB
-
MD5
e4a4f79d4043600af780bd6a7b996855
-
SHA1
58249cdfc0d96bdecdb53a04fa84c8587f28fda5
-
SHA256
7d274ce63de1d885d7a5c4bb70436831f38f1e652ae837982a176a02f6896cc7
-
SHA512
a7a3a8e8a5da169bf16af337b713e3aab09b4ec8b9ab50cfeca047e69d39c68e888e4eaaed96a68626fbd7c9614894227b3c6b04df265e236967649b0fc686c3
-
SSDEEP
196608:Z0u78K/ZfwdQmRJ8dA6lfuqaycBIGpEGo6hTOv+QKfgaq1CivWDvlLUpLUC1YiP:Wu7L/+dQuslfq9foWOv+9fIqNLUpr
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-