Analysis Overview
Score: 10/10
SHA256: 1010f8d5f50ff0efe611236feca7f77b7f59e15a8bafedac007132c32dd9454c
Threat Level: Known bad
The file 2025-05-15_9f5979230d02ea31ea1ab1baee8b4a59_black-basta_cobalt-strike_hijackloader_satacom was found to be: Known bad.
Malicious Activity Summary
Mofongoloader family
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported: 2025-05-15 01:34
Signatures
Mofongoloader family
Analysis: behavioral1
Detonation Overview
Submitted: 2025-05-15 01:34
Reported: 2025-05-15 01:36
Platform: win10v2004-20250502-en
Max time kernel: 103s
Max time network: 143s
Command Line: "C:\Users\Admin\AppData\Local\Temp\2025-05-15_9f5979230d02ea31ea1ab1baee8b4a59_black-basta_cobalt-strike_hijackloader_satacom.exe"
Signatures
N/A
Processes
C:\Users\Admin\AppData\Local\Temp\2025-05-15_9f5979230d02ea31ea1ab1baee8b4a59_black-basta_cobalt-strike_hijackloader_satacom.exe
"C:\Users\Admin\AppData\Local\Temp\2025-05-15_9f5979230d02ea31ea1ab1baee8b4a59_black-basta_cobalt-strike_hijackloader_satacom.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | cloudnetworkverify.com | udp |
| PL | 2.18.29.176:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| DE | 172.217.16.195:80 | c.pki.goog | tcp |
Files
N/A