General

  • Target

    2025-05-02_c482801a362798ad1737ae265ec92340_black-basta_cobalt-strike_coinminer_satacom_zxxz

  • Size

    39.5MB

  • Sample

    250502-zs72psxmv2

  • MD5

    c482801a362798ad1737ae265ec92340

  • SHA1

    445c7a8383820bc8913b75764052f5e36d3dc2d9

  • SHA256

    6fd2b4965d883e64147525498c63a6de75e77f9c1a3c131f43aa90e7198ca5bf

  • SHA512

    02a181f68e519e7ac67a6061faebee897f0741c420f3fc23a16564f0149680a4562016acccaaf5ae044d7a0d023456f52a286af2fa7f2390ab527678fb8757ec

  • SSDEEP

    393216:S76L6otUitqtH7wHtXq2pt2jbOCacCFIK0fpP9HF4VW8yfEnVQx4urYsANulL7Nk:S0LoCOn+2Es4urYDNulLBiuQ

Malware Config

Targets

    • DarkCloud

      An information stealer written in Visual Basic.

    • Darkcloud family

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v16

Tasks