a4b784e94d87f8a273d86cadeb381b6f33550b356cffd8e39332bb55b97b7ba5 | Triage

Sharing

General

Target

2025-03-30_ad166d5ac571db0023402109563ca200_black-basta_cobalt-strike_satacom
Size

12.6MB
Sample

250330-yf637sxqx7
MD5

ad166d5ac571db0023402109563ca200
SHA1

f348d7863efcd15c193b25bb66d6c11cad7ba036
SHA256

a4b784e94d87f8a273d86cadeb381b6f33550b356cffd8e39332bb55b97b7ba5
SHA512

8e403175e7535311b97e722fdfe0c6692f39ed3209ad1fac64fdd3722cebfd9180744a826dfce6a296c94fe6692686e280a17100b2e3f66716fc79a4948bdb3a
SSDEEP

393216:JCg63hucsXMCHWUj5jx5WsqWxTwY3Rr69vb+:JCB3hrsXMb8ksqA/R8i

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  2025-03-30_ad166d5ac571db0023402109563ca200_black-basta_cobalt-strike_satacom
- Size
  
  12.6MB
- MD5
  
  ad166d5ac571db0023402109563ca200
- SHA1
  
  f348d7863efcd15c193b25bb66d6c11cad7ba036
- SHA256
  
  a4b784e94d87f8a273d86cadeb381b6f33550b356cffd8e39332bb55b97b7ba5
- SHA512
  
  8e403175e7535311b97e722fdfe0c6692f39ed3209ad1fac64fdd3722cebfd9180744a826dfce6a296c94fe6692686e280a17100b2e3f66716fc79a4948bdb3a
- SSDEEP
  
  393216:JCg63hucsXMCHWUj5jx5WsqWxTwY3Rr69vb+:JCB3hrsXMb8ksqA/R8i
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2