General

  • Target

    2025-07-04_70d031e8e87a46b04419cbc465bc9e32_black-basta_cobalt-strike_luca-stealer_satacom_vidar

  • Size

    3.7MB

  • Sample

    250704-npyhbassaw

  • MD5

    70d031e8e87a46b04419cbc465bc9e32

  • SHA1

    11a983918a02cee9a98191724b0c15ee6730d08a

  • SHA256

    9abf0075334c3411b2553ceef48fd9bc4c86e3bf66be0c2e09a391f098151efb

  • SHA512

    5fb96dd8349b25050adae3451891ebcaa8387a91716d0e16cc08b61f364f077fed119c7287e2b0ca2704361a730efc8fc6fde33e695ce609ae1c738716d181be

  • SSDEEP

    49152:+lh7WxDi+U/pcCz7PZTZlzdOZlUkJLF1Uac+3+fESK6HYlWzNQeyUHBdH3zkTQ+m:+MgZeD+h3Ke9BpD9ZTO7Ws

Malware Config

Targets

    • Executes dropped EXE

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Network Share Discovery

      Attempts to gather information on the host network.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks