1942639c541470539b15b8fea26b1a02b2182ced0f42f22af143c5170bb01cc6

Analysis

max time kernel
103s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
31/03/2025, 06:56

Target

2025-03-31_ec06a1b0ea6f4debdc9778b59b63ec30_black-basta_cobalt-strike_satacom.exe
Size

30.0MB
MD5

ec06a1b0ea6f4debdc9778b59b63ec30
SHA1

9d40cf615c4d9f4c21b892fa5506a8f852cb3e1d
SHA256

1942639c541470539b15b8fea26b1a02b2182ced0f42f22af143c5170bb01cc6
SHA512

d62b9c59d933cda1879fd00d997deb60b952c1573d385638306ecdfdb8604aae56fcc0437566818b688fa694769948b4b8cadcb33e7bce98e69f15f753d973b6
SSDEEP

786432:zuTAzEyI4EETMmFxGF3khP1kGYJh5WcR0SGnCP+W:Rf3QUGUPCJnWqDP+W

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2936	2025-03-31_ec06a1b0ea6f4debdc9778b59b63ec30_black-basta_cobalt-strike_satacom.exe
2936	2025-03-31_ec06a1b0ea6f4debdc9778b59b63ec30_black-basta_cobalt-strike_satacom.exe

C:\Users\Admin\AppData\Local\Temp\2025-03-31_ec06a1b0ea6f4debdc9778b59b63ec30_black-basta_cobalt-strike_satacom.exe
"C:\Users\Admin\AppData\Local\Temp\2025-03-31_ec06a1b0ea6f4debdc9778b59b63ec30_black-basta_cobalt-strike_satacom.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2936