General
-
Target
2025-06-30_63e048f29d00ced05dbd871b751085e9_black-basta_cobalt-strike_luca-stealer_satacom_vidar
-
Size
20.2MB
-
Sample
250630-zdb1qavnx5
-
MD5
63e048f29d00ced05dbd871b751085e9
-
SHA1
ba3a8fff8580b7f54e9816a0e1ae310874ba6caa
-
SHA256
4c820efcf7198e5233cfa11233d82518ec6226a4974aec4fadb9be15e77dffdb
-
SHA512
f03c586bfc050c24524f4f16a104f88e4d91d10fa3355cada9d779e29bd1665806e9526b3d69fe72dc8551410615b010a7240cd808110d90ab3d5f422a16028c
-
SSDEEP
393216:36p3BqPP4UahvDowhhLpIaBbxlB4wsFsOw8ERIEgfPjSDNWCkye:83BqpahBmIb2FT5P2DNWCG
Behavioral task
behavioral1
Sample
2025-06-30_63e048f29d00ced05dbd871b751085e9_black-basta_cobalt-strike_luca-stealer_satacom_vidar.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
2025-06-30_63e048f29d00ced05dbd871b751085e9_black-basta_cobalt-strike_luca-stealer_satacom_vidar.exe
Resource
win11-20250619-en
Malware Config
Targets
-
Target
2025-06-30_63e048f29d00ced05dbd871b751085e9_black-basta_cobalt-strike_luca-stealer_satacom_vidar
-
Size
20.2MB
-
MD5
63e048f29d00ced05dbd871b751085e9
-
SHA1
ba3a8fff8580b7f54e9816a0e1ae310874ba6caa
-
SHA256
4c820efcf7198e5233cfa11233d82518ec6226a4974aec4fadb9be15e77dffdb
-
SHA512
f03c586bfc050c24524f4f16a104f88e4d91d10fa3355cada9d779e29bd1665806e9526b3d69fe72dc8551410615b010a7240cd808110d90ab3d5f422a16028c
-
SSDEEP
393216:36p3BqPP4UahvDowhhLpIaBbxlB4wsFsOw8ERIEgfPjSDNWCkye:83BqpahBmIb2FT5P2DNWCG
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Adversaries may search local file systems and file shares for files containing insecurely stored credentials.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
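The signatures above (clipboard collection, external IP lookup, encoded-command obfuscation, process enumeration with tasklist) are the kind of behaviors a sandbox derives from process, API and network events. The following is an added example, not the sandbox's own rule set and not code from this report, showing how such behavioral signatures can be evaluated over an event log. The event format, the list of IP-lookup hostnames and the sample events are all constructed for illustration.

```python
"""Toy behavioral triage: map sandbox events to signature names.

Event lines are assumed to be "<pid> <kind> <detail>", where kind is
one of process, api or http. The events below are constructed sample
input, not data from the report.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

SAMPLE_EVENTS = """\
1234 process cmd.exe /c "tasklist /fo csv"
1234 process powershell.exe -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA
1234 http GET http://api.ipify.org/?format=json
1234 api OpenClipboard
1234 api GetClipboardData
5678 process notepad.exe notes.txt
5678 http GET https://example.com/index.html
"""

# Assumed list of public IP-lookup services; extend for your environment.
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "icanhazip.com", "ifconfig.me"}
# Win32 APIs involved in reading clipboard contents.
CLIPBOARD_APIS = {"OpenClipboard", "GetClipboardData"}

SIG_TASKLIST = "Enumerates processes with tasklist"
SIG_IP_LOOKUP = "Looks up external IP address via web service"
SIG_CLIPBOARD = "Clipboard Data"
SIG_OBFUSCATION = "Command Obfuscation"

# tasklist or tasklist.exe anywhere in a command line
_TASKLIST_RE = re.compile(r"(?i)\btasklist(?:\.exe)?\b")
# PowerShell -e / -enc / -encodedcommand followed by a base64-looking blob
_ENCODED_RE = re.compile(r"(?i)\s-e(?:nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{16,}")


def parse_events(text):
    """Yield (pid, kind, detail) tuples, skipping blank lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        pid, kind, detail = line.split(maxsplit=2)
        yield pid, kind, detail


def classify(pid, kind, detail):
    """Return the set of signature names triggered by a single event."""
    hits = set()
    if kind == "process":
        if _TASKLIST_RE.search(detail):
            hits.add(SIG_TASKLIST)
        if _ENCODED_RE.search(detail):
            hits.add(SIG_OBFUSCATION)
    elif kind == "api":
        if detail in CLIPBOARD_APIS:
            hits.add(SIG_CLIPBOARD)
    elif kind == "http":
        # detail is "<method> <url>"; compare the hostname only
        url = detail.split()[-1]
        host = (urlsplit(url).hostname or "").lower()
        if host in IP_LOOKUP_HOSTS:
            hits.add(SIG_IP_LOOKUP)
    return hits


def triage(text):
    """Aggregate signatures per pid; pids with no hits are omitted."""
    per_pid = defaultdict(set)
    for pid, kind, detail in parse_events(text):
        sigs = classify(pid, kind, detail)
        if sigs:
            per_pid[pid].update(sigs)
    return {pid: sorted(sigs) for pid, sigs in per_pid.items()}


if __name__ == "__main__":
    for pid, sigs in triage(SAMPLE_EVENTS).items():
        print(pid, sigs)
```

The matching here is deliberately narrow: a hostname allowlist for IP lookups and a base64-shaped argument after `-enc` will miss renamed binaries or other encodings, so in practice these rules are combined with the dropped-file and network evidence the sandbox records alongside them.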