General

  • Target

    2025-06-30_4a36e2783f698d37b20d728d0cabe69a_black-basta_cobalt-strike_luca-stealer_satacom_vidar

  • Size

    815KB

  • Sample

    250630-ve34datlz3

  • MD5

    4a36e2783f698d37b20d728d0cabe69a

  • SHA1

    995354478f26fca89051f65895d25596a75c4044

  • SHA256

    de135ad1e12be7f2966a0c853724680db716a95d296ffdf4e7a3fbc06931f2d6

  • SHA512

    2b6d56a430cd0d890a1500c65c4326d7121ed17dc86800c4ed6df39b3bd6fdd797b58d77f680ed770f1ef88df3ff062fe3880d7026770307ef8d55244358e481

  • SSDEEP

    24576:l0MXRmlh8t0D+7y8G2G9yL0cMoThTR9PyuLzpQo:lFXm+brLC2hTR9quLB

Malware Config

Targets

    • Target

      2025-06-30_4a36e2783f698d37b20d728d0cabe69a_black-basta_cobalt-strike_luca-stealer_satacom_vidar

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target browser profile data, which can include saved credentials and session cookies.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

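The four behavioural signatures above are heuristics over file, directory and process events. The script below is an added example, not part of the sandbox report or its vendor's code: it replays a constructed trace (the event names, PIDs and paths are made up here) against rules equivalent to those signatures, and it checks arbitrary bytes against the hashes listed in the General section so a suspect file can be matched to this report offline.

```python
"""Added example: replay a behaviour trace against rules equivalent to the
four signatures listed above, and match a file against the report's hashes.
The trace and its event vocabulary are constructed for illustration; they
are not output of the sandbox that produced this report."""
import hashlib
import re
from collections import defaultdict

# Hashes exactly as listed in the General section of the report.
IOC_HASHES = {
    "md5": "4a36e2783f698d37b20d728d0cabe69a",
    "sha1": "995354478f26fca89051f65895d25596a75c4044",
    "sha256": "de135ad1e12be7f2966a0c853724680db716a95d296ffdf4e7a3fbc06931f2d6",
    "sha512": "2b6d56a430cd0d890a1500c65c4326d7121ed17dc86800c4ed6df39b3bd6fdd7"
              "97b58d77f680ed770f1ef88df3ff062fe3880d7026770307ef8d55244358e481",
}


def match_hashes(data: bytes) -> set:
    """Return the names of the report hashes that `data` matches (empty set if none)."""
    return {alg for alg, hexdigest in IOC_HASHES.items()
            if hashlib.new(alg, data).hexdigest() == hexdigest}


# Constructed trace: (pid, event, path). Event names are this example's own
# simplified vocabulary, not a real sandbox schema.
EVENTS = [
    (1204, "process_start",  "C:\\Users\\victim\\Downloads\\invoice.exe"),
    (1204, "file_create",    "C:\\Users\\victim\\AppData\\Local\\Temp\\upd.exe"),
    (1204, "process_create", "C:\\Users\\victim\\AppData\\Local\\Temp\\upd.exe"),
    (1320, "process_start",  "C:\\Users\\victim\\AppData\\Local\\Temp\\upd.exe"),
    (1320, "file_read",      "C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"),
    (1320, "file_read",      "C:\\Users\\victim\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abcd.default\\logins.json"),
    (1320, "dir_query",      "C:\\"),
    (1320, "dir_query",      "D:\\"),
    (1320, "dir_query",      "E:\\"),
    (1320, "file_create",    "C:\\Windows\\System32\\drivers\\etc\\hosts.bak"),
    (1320, "file_read",      "C:\\Windows\\System32\\kernel32.dll"),  # benign: a read, not a drop
]

# Browser credential/cookie stores for Chrome and Firefox profiles.
BROWSER_DATA = re.compile(
    r"\\AppData\\(Local\\Google\\Chrome\\User Data\\.*\\(Login Data|Cookies|Web Data)"
    r"|Roaming\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite))$",
    re.IGNORECASE,
)
DRIVE_ROOT = re.compile(r"^([A-Z]):\\$", re.IGNORECASE)
SYSTEM32 = re.compile(r"^C:\\Windows\\System32\\", re.IGNORECASE)


def triage(events):
    """Map each signature name to the paths that triggered it."""
    hits = defaultdict(list)
    dropped = set()  # files created by a monitored process; order matters
    for _pid, event, path in events:
        if event == "file_create":
            dropped.add(path.lower())
            if SYSTEM32.match(path):
                hits["Drops file in System32 directory"].append(path)
        elif event == "process_create" and path.lower() in dropped:
            hits["Executes dropped EXE"].append(path)
        elif event == "file_read" and BROWSER_DATA.search(path):
            hits["Reads user/profile data of web browsers"].append(path)
        elif event == "dir_query":
            m = DRIVE_ROOT.match(path)
            # The report's rule counts roots other than the default C: drive.
            if m and m.group(1).upper() != "C":
                hits["Enumerates connected drives"].append(path)
    return dict(hits)


if __name__ == "__main__":
    for name, paths in triage(EVENTS).items():
        print(f"{name}:")
        for p in paths:
            print(f"    {p}")
    print("hash match:", match_hashes(b"constructed bytes, not the sample") or "none")
```

The "Executes dropped EXE" rule only fires when the create event precedes the execute, so the trace must be replayed in order; the System32 rule deliberately keys on creation rather than reads, since every process loads DLLs from that directory. Real sandbox output uses its own event schema and paths, so the regexes and event names would need adapting before use on live data.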
MITRE ATT&CK Enterprise v16

Tasks