Extracted

• • Target

    2025-04-03_e4fe1cda1b965c4200e53953007721a6_black-basta_cobalt-strike_luca-stealer

  • Size

    784KB

  • MD5

    e4fe1cda1b965c4200e53953007721a6

  • SHA1

    e47cc08535efa0e3b38a518c44f827389699c6c9

  • SHA256

    8f460857b46f1247edac09f59cc4b1535138ef2d4c191f3c923c93c3833fa46d

  • SHA512

    26b783b145d1b300c37d12e39a037150ee5f29921344e90be154a73459f77badd6962a8c5701589160a714e01a59807efc04d97d1843de3e9402f031e604b6d0

  • SSDEEP

    24576:S1818EiYTmpVJUOZ1818EiYTmpVJUOZ1L:bTmpVJUOyTmpVJUOP

  Score

  10^/10

  mylobotbotnetdiscoverypersistence

  • Mylobot

    Botnet which first appeared in 2017 written in C++.

    botnetmylobot

  • Mylobot family

    mylobot

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1