General

  • Target

    2025-07-04_998c9ac2bbac4d3a86b346a2246cba4f_black-basta_cobalt-strike_ryuk_satacom_vidar

  • Size

    7.3MB

  • Sample

    250704-nrf12ssms5

  • MD5

    998c9ac2bbac4d3a86b346a2246cba4f

  • SHA1

    5e87ba304e6697ca52d28c58915e42e2bc67e9de

  • SHA256

    7e7467e23097ac1d65820d1131452283b8ea8e25840ad3fcf9aedc60d8dfc175

  • SHA512

    1df45e252bc2432245b2df8230b656865ca691a71ae974a2d4b572a50c60010e51d19b9d3ade218cf2e995366ba2bdcc83b89a6c954cbe8c435461010dcce366

  • SSDEEP

    98304:cic1v/nG8lyVqRlMGsd4/qCKHIvW4VR+k:cLhB/Y4VR+k

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data such as saved credentials, session cookies and autofill entries, which is why reads of browser profile files are flagged.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
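The four entries above are sandbox signature names; the page does not show the logic the sandbox uses to match them. As an added example that is not part of the original report or of the sandbox's own code, the Python below re-implements each signature over a handful of constructed telemetry events in a simplified schema (kind, pid, image, target) rather than any real sensor's format. Every path, PID and file name in the sample events is invented for illustration, and the browser profile paths and the EnableLUA registry value are the well-known locations such signatures usually key on.

```python
import re

# Constructed sample telemetry in a simplified schema (kind, pid, image, target).
# This is not a real sensor format: map your own Sysmon/EDR fields onto it.
# Every path, PID and file name below is invented for illustration.
SAMPLE_EVENTS = [
    # 1. The initial sample writes a second executable to %TEMP% ...
    {"kind": "file_write", "pid": 4120,
     "image": r"C:\Users\alice\Downloads\loader.exe",
     "target": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe"},
    # 2. ... and then launches it ("Executes dropped EXE").
    {"kind": "process_create", "pid": 4388, "ppid": 4120,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe"},
    # 3. The child queries the UAC policy value ("Checks whether UAC is enabled").
    {"kind": "registry_read", "pid": 4388,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    # 4. It opens Chrome and Firefox credential stores
    #    ("Reads user/profile data of web browsers").
    {"kind": "file_read", "pid": 4388,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"kind": "file_read", "pid": 4388,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\k7q2.default\logins.json"},
    # 5. It writes into the system directory ("Drops file in System32 directory").
    {"kind": "file_write", "pid": 4388,
     "image": r"C:\Users\alice\AppData\Local\Temp\svc_update.exe",
     "target": r"C:\Windows\System32\wupdsvc.dll"},
    # Benign noise that must not fire: an editor saving a document.
    {"kind": "file_write", "pid": 5016,
     "image": r"C:\Program Files\Editor\editor.exe",
     "target": r"C:\Users\alice\Documents\notes.docx"},
]

# Well-known credential/cookie stores for Chromium-based browsers and Firefox.
BROWSER_DATA_RE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*\\"
    r"(Login Data|Cookies|Web Data|Local State)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
# EnableLUA is the registry value that turns UAC on or off.
UAC_VALUE_RE = re.compile(r"\\Policies\\System\\EnableLUA$", re.IGNORECASE)
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)
EXE_RE = re.compile(r"\.exe$", re.IGNORECASE)


def executes_dropped_exe(events):
    """Executables written to disk by one process and later used as a process image.
    Returns (dropper image, launched image) pairs; the write must precede the launch."""
    dropped = {}  # lower-cased path -> image of the process that wrote it
    hits = []
    for ev in events:
        if ev["kind"] == "file_write" and EXE_RE.search(ev["target"]):
            dropped[ev["target"].lower()] = ev["image"]
        elif ev["kind"] == "process_create":
            dropper = dropped.get(ev["image"].lower())
            if dropper is not None:
                hits.append((dropper, ev["image"]))
    return hits


def reads_browser_data(events):
    """File reads of known browser credential, cookie or profile databases."""
    return [ev["target"] for ev in events
            if ev["kind"] == "file_read" and BROWSER_DATA_RE.search(ev["target"])]


def checks_uac(events):
    """Registry reads of the EnableLUA policy value."""
    return [ev["target"] for ev in events
            if ev["kind"] == "registry_read" and UAC_VALUE_RE.search(ev["target"])]


def drops_file_in_system32(events):
    """File writes anywhere under <drive>:\\Windows\\System32\\."""
    return [ev["target"] for ev in events
            if ev["kind"] == "file_write" and SYSTEM32_RE.match(ev["target"])]


SIGNATURES = {
    "Executes dropped EXE": executes_dropped_exe,
    "Reads user/profile data of web browsers": reads_browser_data,
    "Checks whether UAC is enabled": checks_uac,
    "Drops file in System32 directory": drops_file_in_system32,
}


def run_signatures(events):
    """Return {signature name: [matches]} for every signature that fired."""
    return {name: hits for name, fn in SIGNATURES.items() if (hits := fn(events))}


if __name__ == "__main__":
    for name, hits in run_signatures(SAMPLE_EVENTS).items():
        print(f"[+] {name}")
        for hit in hits:
            print(f"      {hit}")
```

The ordering rule in executes_dropped_exe matters: a process launched before the file write is recorded is not a dropped-and-executed chain, and the benign document save at the end of the sample events fires nothing, which is the minimum false-positive check to keep when porting these patterns to real telemetry.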

MITRE ATT&CK Enterprise v16

Tasks