General

  • Target

    2025-07-02_2bb85d0aae9a674df70f17724a580ab3_black-basta_cobalt-strike_luca-stealer_satacom_vidar

  • Size

    10.7MB

  • Sample

    250702-x5cp8agj9t

  • MD5

    2bb85d0aae9a674df70f17724a580ab3

  • SHA1

    10e6ebeaa6ab6c2f657d44a46c16bfec7c99fbb9

  • SHA256

    df1593245ab307ce7367b6a3b5b440c5500b5b698c48bb4750887a045569dd70

  • SHA512

    bb741f1fc64a69aa5221da1792b69a478512a24271ccffacf680cb175961e774916fb918322d8b2850b3dcc3c53caa085dc0894d437419e6f115f6b5bd7073b2

  • SSDEEP

    196608:DWGWH68urHm7ND9BKG+5fc2S/ErXKEtw+AoHfPwRMsqKXL+yrYM0nDk:Ka8uCRDvV+53SM8+FfPwSD/WY3k

Score
7/10

Malware Config

Targets

    • Target

      2025-07-02_2bb85d0aae9a674df70f17724a580ab3_black-basta_cobalt-strike_luca-stealer_satacom_vidar

    Score
    7/10
    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk during the run.

    • Legitimate hosting services abused for malware hosting/C2

      Contacts a legitimate hosting or messaging service in a pattern associated with payload staging or C2 address lookup rather than ordinary use.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    The family names in the submitted file name (black-basta, cobalt-strike, luca-stealer, satacom, vidar) are part of the name as uploaded; the signatures above are behavioural and do not by themselves attribute the sample to any of those families.
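The three signatures above are the kind of behavioural checks that can be reproduced mechanically from a sandbox event trace: a DLL written by a process and later mapped by the same process, outbound requests to public-IP lookup services, and outbound requests to legitimate hosting or messaging services. The script below is an added example and is not part of this report or of the sandbox's own signature code; the event list, the IP-lookup host set and the hosting-service suffix list are constructed assumptions.

```python
"""Re-derive three Triage-style behavioural signatures from a sandbox event trace.

Added example, not the sandbox's code. The events, host set and suffix list
below are constructed for illustration.
"""
from urllib.parse import urlparse

# Constructed sample events in a sandbox event-log shape (assumed; not from the
# report's actual run). Events are in execution order.
EVENTS = [
    {"pid": 1234, "op": "file_write", "path": r"C:\Users\Public\libcurl.dll"},
    {"pid": 1234, "op": "image_load", "path": r"C:\Windows\System32\KERNEL32.DLL"},
    {"pid": 1234, "op": "image_load", "path": r"C:\Users\Public\LIBCURL.DLL"},
    {"pid": 1234, "op": "http_request", "url": "https://api.ipify.org/?format=json"},
    {"pid": 5678, "op": "http_request", "url": "https://t.me/s/examplechannel"},
    {"pid": 5678, "op": "http_request", "url": "http://203.0.113.10/gate.php"},
]

# Hosts commonly queried to learn the victim's public IP (assumed list).
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "ifconfig.me", "icanhazip.com",
    "checkip.amazonaws.com", "api.ip.sb",
}

# Legitimate services frequently used as dead drops for payloads or C2
# addresses (assumed list, matched on the host or any of its subdomains).
LEGIT_HOSTING_SUFFIXES = (
    "t.me", "telegram.org", "pastebin.com", "discord.com", "discordapp.com",
    "github.com", "githubusercontent.com", "steamcommunity.com",
)


def _host(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlparse(url).hostname or "").lower()


def loads_dropped_dll(events):
    """Return DLL paths that a process wrote to disk and later mapped into memory.

    Matching is per-pid and case-insensitive, and the write must precede the
    load, so mapping a pre-existing system DLL is not reported.
    """
    written = {}  # pid -> {normalised path: path as written}
    hits = []
    for ev in events:
        if ev["op"] == "file_write" and ev["path"].lower().endswith(".dll"):
            written.setdefault(ev["pid"], {})[ev["path"].lower()] = ev["path"]
        elif ev["op"] == "image_load":
            key = ev["path"].lower()
            if key in written.get(ev["pid"], {}):
                hits.append(written[ev["pid"]][key])
    return hits


def external_ip_lookups(events):
    """Return hosts of outbound requests to known public-IP lookup services."""
    return [_host(ev["url"]) for ev in events
            if ev["op"] == "http_request" and _host(ev["url"]) in IP_LOOKUP_HOSTS]


def legit_hosting_abuse(events):
    """Return hosts of outbound requests to legitimate hosting/messaging services."""
    hits = []
    for ev in events:
        if ev["op"] != "http_request":
            continue
        h = _host(ev["url"])
        if any(h == s or h.endswith("." + s) for s in LEGIT_HOSTING_SUFFIXES):
            hits.append(h)
    return hits


def signatures(events):
    """Map each signature name to the evidence that fired it; silent ones are omitted."""
    result = {
        "Loads dropped DLL": loads_dropped_dll(events),
        "Legitimate hosting services abused for malware hosting/C2": legit_hosting_abuse(events),
        "Looks up external IP address via web service": external_ip_lookups(events),
    }
    return {name: hits for name, hits in result.items() if hits}


if __name__ == "__main__":
    for name, hits in signatures(EVENTS).items():
        print(f"{name}: {hits}")
```

The dropped-DLL check keys on process id and event order rather than on the path alone; without that, a process loading a DLL that some other, unrelated process happened to write earlier would be flagged, and a load that precedes the write (a pre-existing file later overwritten) would be counted wrongly. The hosting and IP-lookup checks are plain host matching and only say that the service was contacted, which is why the report lists them as signatures rather than as a family verdict.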

MITRE ATT&CK Enterprise v16

Tasks