General

  • Target

    2025-04-07_7ad31c28848f1ff2193f807cb3deaaf9_black-basta_cobalt-strike_satacom

  • Size

    780KB

  • Sample

    250407-m9karazmt6

  • MD5

    7ad31c28848f1ff2193f807cb3deaaf9

  • SHA1

    ed58fcebec0ecb5921a3a8f8e1a1647cddfefcfb

  • SHA256

    013425ffb967f37556591d596ac033ae3a7ad466c512c32685e0cd960fbe670f

  • SHA512

    7fd16fd547c86f34f1591bdd2cefc4fb42d6893611e43050519f09e6661a3c02404d308aa4d886e3a2b44859e96700ca1603dd636a631ebcd0dcea3fe733a5a0

  • SSDEEP

    24576:VHHiWcxah9JB/OrWaQ47IbQuLVUpuWsZo:VHHiXahLBWrW58uLVU/sG

Malware Config

Targets

    • DarkVision Rat

      DarkVision Rat is a trojan written in C++.

    • Darkvision family

    • Command and Scripting Interpreter: PowerShell

      Run PowerShell and hide display window.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
