General

  • Target

    2025-07-04_a3b88fed5efaa595f25b6ee55e7487d1_black-basta_mespinoza_ryuk

  • Size

    1.0MB

  • Sample

    250704-ns3w7sdp8z

  • MD5

    a3b88fed5efaa595f25b6ee55e7487d1

  • SHA1

    be326c330c46e3c466c3fe198bc9a7ffb890eb86

  • SHA256

    4b53591f1eeff266f131b787a97cb064c304330acacf1b463b0ec63d62242443

  • SHA512

    1a18c9f8f1ba1719537fdfe71c53569839a44c4513fdaa9c258094c95088ca34bea4728a8b347724397b7a2600530a8ee6f36a823d14cb94a86bee6d7752417c

  • SSDEEP

    24576:ziBE0GqwXeAVmYl/i328ab4F+rM/aXq6bJfBUam6:3f5Xe6Xl/i3da1YS6ozB

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks