General

  • Target

    2025-07-02_dfb93b4ec1dc45746155ca66c57c1d06_black-basta_mespinoza_ryuk

  • Size

    1.7MB

  • Sample

    250702-xk71ma1js9

  • MD5

    dfb93b4ec1dc45746155ca66c57c1d06

  • SHA1

    67c37b6d3a3d150cb03a2ff9c7fd71537653e6ec

  • SHA256

    51f6973b327ee528f924b28dbf224008f4f5d9b8cd0d75510385f728316c5b68

  • SHA512

    bdcc7603c68d215040594da21de18b87ad97a992815b1738efbf49c73fe02ef5356e7cfebb7a70acbf5e589810bb337fd6cbac51f518051e89cce900000a5f72

  • SSDEEP

    24576:G3oHrGhNF4Xx7Ab/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:QoHgFEBAbLNiXicJFFRGNzj3

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16
