General

  • Target

    2025-07-04_aed9e1e2178608e59cb02fa1523c22f7_black-basta_cobalt-strike_elex_hijackloader

  • Size

    305KB

  • Sample

    250704-n1tnhasn19

  • MD5

    aed9e1e2178608e59cb02fa1523c22f7

  • SHA1

    9fb15973b0d848077287538368fb116da7c5bba2

  • SHA256

    843dfbc15b57c39dd199f7ce8a55c8abed6728f076d0125d02efd246f497d1f2

  • SHA512

    845c9993d37003917e1c2c2c2518e1ff6888e27dd51dced1150e21553da0aa2aed7c36d924a0663005f75a29d7b66c1045c0cb41dfc675dfc9957acf9610cadc

  • SSDEEP

    6144:371st+2F+ZZE+9x9X7geFhoZcH6wF/ynQNx:371iwZE+9x9X7gefoZcLF/ynQD

Targets

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
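
The three file-system behaviours flagged above can be recognised from a file-event stream. The following is an added example, not the sandbox's own detection code: it classifies constructed file-access events (the FileEvent record, the PIDs and the paths are assumptions, not values from this report) into the same behaviour tags, matching writes into the Startup folder, reads of well-known Chromium and Firefox credential stores, and queries of bare drive roots other than C:.

```python
"""Classify sandbox file-access events into the behaviour tags used above.

Added example, not the sandbox's own detection code. The event format
(FileEvent) and the sample events are constructed for illustration.
"""
import re
from dataclasses import dataclass

# Browser credential / profile artefacts that infostealers read:
# Chromium (Chrome/Edge) and Firefox profile files, matched case-insensitively.
BROWSER_ARTIFACTS = (
    r"\\google\\chrome\\user data\\.*\\(login data|cookies|web data|local state)$",
    r"\\microsoft\\edge\\user data\\.*\\(login data|cookies|web data|local state)$",
    r"\\mozilla\\firefox\\profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
)
BROWSER_RE = re.compile("|".join(BROWSER_ARTIFACTS), re.IGNORECASE)

# A file written directly into a per-user or all-users Startup folder.
STARTUP_RE = re.compile(r"\\start menu\\programs\\startup\\[^\\]+$", re.IGNORECASE)

# A bare drive root other than C:, e.g. "D:\" or "E:".
DRIVE_ROOT_RE = re.compile(r"^[A-BD-Z]:\\?$", re.IGNORECASE)


@dataclass(frozen=True)
class FileEvent:
    pid: int
    op: str   # "read", "write" or "query" (assumed event vocabulary)
    path: str


def classify(ev):
    """Return the behaviour tag a single event contributes to, or None."""
    if ev.op == "write" and STARTUP_RE.search(ev.path):
        return "Drops startup file"
    if ev.op == "read" and BROWSER_RE.search(ev.path):
        return "Reads user/profile data of web browsers"
    if ev.op in ("read", "query") and DRIVE_ROOT_RE.match(ev.path):
        return "Enumerates connected drives"
    return None


def tag_events(events):
    """Map each behaviour tag to the sorted list of PIDs exhibiting it."""
    tags = {}
    for ev in events:
        tag = classify(ev)
        if tag:
            tags.setdefault(tag, set()).add(ev.pid)
    return {t: sorted(p) for t, p in tags.items()}


# Constructed sample events (not taken from the report).
SAMPLE_EVENTS = [
    FileEvent(1204, "write", "C:\\Users\\user\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\update.lnk"),
    FileEvent(1204, "read",  "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"),
    FileEvent(1204, "read",  "C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\ab12cd34.default-release\\logins.json"),
    FileEvent(1204, "query", "D:\\"),
    FileEvent(1204, "query", "E:\\"),
    FileEvent(1204, "query", "C:\\"),                          # default drive: not counted
    FileEvent(3320, "read",  "C:\\Windows\\System32\\kernel32.dll"),  # benign noise
]

if __name__ == "__main__":
    for tag, pids in tag_events(SAMPLE_EVENTS).items():
        print(f"{tag}: pids {pids}")
```

The drive-root pattern deliberately excludes C: to mirror the report's "other than the default C: drive" wording; a read of the system drive root on its own is too common to be a useful signal.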

MITRE ATT&CK Enterprise v16