Malware Analysis Report

2025-08-05 14:36

Sample ID 250702-x41ewszybv
Target 2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar
SHA256 c89f89028783094dff2d82e34b4782b83520e36839a167c5393a6c1266fc2290
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

c89f89028783094dff2d82e34b4782b83520e36839a167c5393a6c1266fc2290

Threat Level: No (potentially) malicious behavior was detected

The file 2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2025-07-02 19:25

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-07-02 19:25

Reported

2025-07-02 19:27

Platform

win10v2004-20250619-en

Max time kernel

138s

Max time network

145s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe

"C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.179.227:80 c.pki.goog tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2025-07-02 19:25

Reported

2025-07-02 19:27

Platform

win11-20250619-en

Max time kernel

102s

Max time network

104s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe

"C:\Users\Admin\AppData\Local\Temp\2025-07-02_27395a5984905db2bf35bb8c61bfc585_black-basta_cobalt-strike_hijackloader_luca-stealer_satacom_vidar.exe"

Network

Files

N/A