General

  • Target

    2025-07-04_9e04411092f7c7c8df4d0f12bdc37adc_black-basta_cobalt-strike_ryuk_satacom_vidar

  • Size

    7.3MB

  • Sample

    250704-nx9wbadr2x

  • MD5

    9e04411092f7c7c8df4d0f12bdc37adc

  • SHA1

    49fc06b3c050e19b3fb05db6df9d8343e92254c2

  • SHA256

    dc65f703a59e5b14a765ae6c231aa704b420654d4edf27161885865970311b8d

  • SHA512

    7f536f37b1ea02c188905b225322044cd14168d2f30b6d771100d9206694407d08be3286ef1bc7653f2386124dc5b292b9675e9afb7c2eec37dbb425a0ce845d

  • SSDEEP

    98304:vic1v/nG8lyVqRlMJsd4/qCKHIvW4V6mqrWETR9b:vLhg/Y4VA9b

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks