General

  • Target

    2025-06-03_f693d081427d90e7ec1e6a57f88c5aa1_black-basta_cobalt-strike_coinminer_darkgate_hijackloader

  • Size

    15.1MB

  • Sample

    250603-zjbxxadr7v

  • MD5

    f693d081427d90e7ec1e6a57f88c5aa1

  • SHA1

    ba0a7b8310e931241bd3597d9ce4f20de067c45e

  • SHA256

    21894f10b7acafa27c09be11f19a571c140f18c9dc306d16772fdb73db45e6ed

  • SHA512

    fbde4452745f72856ea65e3b6406ac35362bcad66a3b633575484c24b8a62b42f0696fe423a918551850864c9a8d9aad9d79ff4fd53a358925a82b9e9d462339

  • SSDEEP

    393216:yRYyuEzCdkhomtsE+XywYS7Xp+inZxosWL4Dz:kzinZxiLy

Score
10/10

Malware Config

Targets

    • Target

      2025-06-03_f693d081427d90e7ec1e6a57f88c5aa1_black-basta_cobalt-strike_coinminer_darkgate_hijackloader

    Score
    7/10
    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence check to decide whether to run on this host.

    • Looks up external IP address via web service

      Contacts a legitimate public IP-echo service to discover the infected system's external IP address.
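The two behaviours flagged above are generic enough to be worth re-creating as detection rules. The block below is an added example, not code from the sandbox or from the report: it evaluates a constructed list of sandbox-style events (registry reads and network lookups, labelled as constructed) against the two signatures named in this report. The report does not say which registry value the sample read or which IP-echo service it contacted, so the registry paths in GEO_REGISTRY_PATTERNS and the hosts in IP_LOOKUP_HOSTS are assumptions drawn from common malware practice, not facts about this sample.

```python
# Added example (not from the sandbox report): the report's two behavioural
# signatures re-created as detection logic over a constructed event list.
import re
from typing import Dict, Iterable, List

# Registry values commonly read to decide whether to run in a given country.
# The report only says "country code configured in the registry"; which
# value this sample read is not stated, so these paths are assumptions.
GEO_REGISTRY_PATTERNS = [
    re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I),
    re.compile(r"\\Control Panel\\International\\Locale$", re.I),
    re.compile(r"\\Control Panel\\International\\LocaleName$", re.I),
]

# Legitimate IP-echo services that malware abuses to learn its public IP
# (assumed list; the report does not name the service this sample used).
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "icanhazip.com", "ifconfig.me",
    "ip-api.com", "checkip.amazonaws.com", "ipinfo.io",
}

# Signature names exactly as they appear in the report.
SIG_GEO = "Checks computer location settings"
SIG_EXTIP = "Looks up external IP address via web service"


def _host_matches(host: str) -> bool:
    """True if host is a known IP-lookup service or a subdomain of one."""
    h = host.lower().rstrip(".")  # DNS logs often carry a trailing dot
    return any(h == s or h.endswith("." + s) for s in IP_LOOKUP_HOSTS)


def evaluate(events: Iterable[Dict]) -> List[Dict]:
    """Return one finding per triggered signature, with per-PID evidence.

    Each event is a dict with at least 'type' and 'pid'; registry reads carry
    'key', dns_query/http_request events carry 'host'.
    """
    evidence = {SIG_GEO: [], SIG_EXTIP: []}
    for ev in events:
        if ev["type"] == "registry_read" and any(
            p.search(ev["key"]) for p in GEO_REGISTRY_PATTERNS
        ):
            evidence[SIG_GEO].append((ev["pid"], ev["key"]))
        elif ev["type"] in ("dns_query", "http_request") and _host_matches(ev["host"]):
            evidence[SIG_EXTIP].append((ev["pid"], ev["host"]))
    return [
        {"name": name, "pids": sorted({pid for pid, _ in hits}), "evidence": hits}
        for name, hits in evidence.items()
        if hits
    ]


# Constructed sandbox events (not real data from the analysed sample).
SAMPLE_EVENTS = [
    {"type": "registry_read", "pid": 4120,
     "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "registry_read", "pid": 4120,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"},
    {"type": "dns_query", "pid": 4120, "host": "api.ipify.org."},
    {"type": "http_request", "pid": 4120, "host": "api.ipify.org"},
    {"type": "dns_query", "pid": 812, "host": "www.msftconnecttest.com"},
]

if __name__ == "__main__":
    for finding in evaluate(SAMPLE_EVENTS):
        print(f"{finding['name']} (pids {finding['pids']})")
        for pid, what in finding["evidence"]:
            print(f"    pid {pid}: {what}")
```

Per-PID evidence matters in practice: a locale read by the shell or a connectivity probe by the OS is routine, so a rule like this should be judged on the process that triggered it, which is also why the benign msftconnecttest query in the constructed data produces no finding.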

MITRE ATT&CK Enterprise v16

Tasks