General

  • Target

    2025-07-03_b5e922f4394a20408ebc7d5d19a5759c_black-basta_cobalt-strike_satacom_vidar

  • Size

    3.0MB

  • Sample

    250703-gpsthafm5t

  • MD5

    b5e922f4394a20408ebc7d5d19a5759c

  • SHA1

    cae8856bc8f783f2d6d089c188918c1fab4b9505

  • SHA256

    6fc284174f1e04e3d64a0da211527636e3d11cfb682ae91948e5d1e48f4403c6

  • SHA512

    3c552b2fa243be0526797fa3ad678965779f0331ac44ee70f6e6e97d994a93b2b5583487c3562dc01127d162011fac51c463ffa036882bb48dbae2d29c779cb6

  • SSDEEP

    49152:LaDaFQk2KTltAsoKKV3zWSnFAClNJdEIC/3gRz:v4H3V6NCl3dEICkz

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Drops file in System32 directory
