General
Target: 2025-06-03_f693d081427d90e7ec1e6a57f88c5aa1_black-basta_cobalt-strike_coinminer_darkgate_hijackloader
Size: 15.1MB
Sample: 250603-zjbxxadr7v
MD5: f693d081427d90e7ec1e6a57f88c5aa1
SHA1: ba0a7b8310e931241bd3597d9ce4f20de067c45e
SHA256: 21894f10b7acafa27c09be11f19a571c140f18c9dc306d16772fdb73db45e6ed
SHA512: fbde4452745f72856ea65e3b6406ac35362bcad66a3b633575484c24b8a62b42f0696fe423a918551850864c9a8d9aad9d79ff4fd53a358925a82b9e9d462339
SSDEEP: 393216:yRYyuEzCdkhomtsE+XywYS7Xp+inZxosWL4Dz:kzinZxiLy
Behavioral task: behavioral1
Sample: 2025-06-03_f693d081427d90e7ec1e6a57f88c5aa1_black-basta_cobalt-strike_coinminer_darkgate_hijackloader.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.