General
-
Target
2025-06-03_b8f891639e2782f230410df1c1ef0b24_black-basta_cobalt-strike_coinminer_darkgate_hijackloader
-
Size
15.1MB
-
Sample
250603-zedkyadq6x
-
MD5
b8f891639e2782f230410df1c1ef0b24
-
SHA1
93e8b2c4a2cfd6dc8dca7e1191964a23862a4755
-
SHA256
7cf3736678b797b418ad8c0043b27eae81b02fcb0eec63a46d93abf42d1953da
-
SHA512
68cea36ab88e064f3f4330d8239a867d1005bf7056fecb726b8d0e067923ffe2386d91028ff2de7e40810cfcddd9ab18ef14ee050a900e9b8a665111267055a6
-
SSDEEP
393216:vRYyuEzCdkhomtsE+XywYS7Xp+ZnZ9osWOy+:jzZnZ9iOy+
Behavioral task
behavioral1
Sample
2025-06-03_b8f891639e2782f230410df1c1ef0b24_black-basta_cobalt-strike_coinminer_darkgate_hijackloader.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
2025-06-03_b8f891639e2782f230410df1c1ef0b24_black-basta_cobalt-strike_coinminer_darkgate_hijackloader
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-