General
-
Target
2025-03-30_840840851d5a9dc8b18b5e35b6378f56_black-basta_cobalt-strike_ryuk_satacom
-
Size
6.8MB
-
Sample
250330-zt5yqsw1dt
-
MD5
840840851d5a9dc8b18b5e35b6378f56
-
SHA1
aa7483b7cc1d3b56a552c68d52ab5f622b95fbaf
-
SHA256
46ddbde117742cd75abca02b7248fe5a32c536e0e28411450168a7be3bdd01c7
-
SHA512
c7735eb5308ada0735cb857a60a50fbf288830312e11f6ec26626c6081d9dfac20b03b08788be041a936b639995515dbdf035184258a2e6d76d51e1d2b6dd991
-
SSDEEP
49152:3fuvW0EOoKwpjRsgsK6dYXC6CroK0Ymajp2Ya323Frovc2PDuXn9qXnDDSNUScjx:2R1rtBLo3or2/PDmy38P2IjzTOSdhvs
Static task
static1
Malware Config
Targets
-
-
Target
2025-03-30_840840851d5a9dc8b18b5e35b6378f56_black-basta_cobalt-strike_ryuk_satacom
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1