62f718a3981aae16539de2cb0ab69ce3dffcf0b078104d057bd2d570976d4bbb | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2025-03-31...ta.exe

windows10-2004-x64

7

Sharing

General

Target

2025-03-31_f92333fb5f480f7bfff7776ac4c45987_black-basta
Size

4.7MB
Sample

250331-sk786ssvh1
MD5

f92333fb5f480f7bfff7776ac4c45987
SHA1

d805b39b2a0e71a5e447bd9503655d632b34c1d3
SHA256

62f718a3981aae16539de2cb0ab69ce3dffcf0b078104d057bd2d570976d4bbb
SHA512

44dc298a91f89bb5f2f9de01de0080e1f355e02be338cad16e5e569b29187312714059bc161a00e39baddfebd61f8af2a8430c0a8723db3d595f92671340aa6d
SSDEEP

98304:Q8oAq1R4/6eW3oAOQ2Ld8R4XW/2XPoaenCJvoV2y7h2zr:Q8b/6pgLdU4mraXJvmI

Score

7^/10

discovery persistence privilege_escalation

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-03-31_f92333fb5f480f7bfff7776ac4c45987_black-basta.exe

Resource

win10v2004-20250314-en

discovery persistence privilege_escalation

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-03-31_f92333fb5f480f7bfff7776ac4c45987_black-basta
- Size
  
  4.7MB
- MD5
  
  f92333fb5f480f7bfff7776ac4c45987
- SHA1
  
  d805b39b2a0e71a5e447bd9503655d632b34c1d3
- SHA256
  
  62f718a3981aae16539de2cb0ab69ce3dffcf0b078104d057bd2d570976d4bbb
- SHA512
  
  44dc298a91f89bb5f2f9de01de0080e1f355e02be338cad16e5e569b29187312714059bc161a00e39baddfebd61f8af2a8430c0a8723db3d595f92671340aa6d
- SSDEEP
  
  98304:Q8oAq1R4/6eW3oAOQ2Ld8R4XW/2XPoaenCJvoV2y7h2zr:Q8b/6pgLdU4mraXJvmI
Score

7^/10

discovery persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy