General
-
Target
2025-06-02_64a688aadc7f31ef2b34f0dfb39bdebc_black-basta_cobalt-strike_coinminer
-
Size
11.9MB
-
Sample
250602-1xbpqsaq8t
-
MD5
64a688aadc7f31ef2b34f0dfb39bdebc
-
SHA1
184e01e8a16e8f42b974db47813ffd7c4eec4dc5
-
SHA256
ff590c137c0936cbb62f0c3c6b6523242459726bce880cb83945e69900b8662c
-
SHA512
50376b1fad34fa8fffd41713a9a388957e4bf88420a1ccaeba7033ccb028dc5e3d8b61c5d07c2b39da4b975e1d5c207d45102fe776de6dd4627a81b812d8728a
-
SSDEEP
196608:25qvWugHA3MNko3LTQUK1ZKYCyE9BffOjW:QqOJHA3MNkCLTQUK1ZKYCyE9BK
Behavioral task
behavioral1
Sample
2025-06-02_64a688aadc7f31ef2b34f0dfb39bdebc_black-basta_cobalt-strike_coinminer.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
2025-06-02_64a688aadc7f31ef2b34f0dfb39bdebc_black-basta_cobalt-strike_coinminer
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-