General

  • Target

    2025-07-04_b12eff19d1453b17df1e7f366e721b04_black-basta_cobalt-strike_ryuk_satacom_vidar

  • Size

    7.3MB

  • Sample

    250704-nybpxadr2z

  • MD5

    b12eff19d1453b17df1e7f366e721b04

  • SHA1

    428f379b5b0749576db444bcf24d4f709fa02448

  • SHA256

    9a47134c52b7873225a1f377d569568f97fcfce10ffdb0e21d046d8accd6ffd7

  • SHA512

    cfc2d7af7d9bb925fa58243ccd6fa94b0186d91bd074877513dba9d2f3a4f108678dcd5e85bdc5cc84e748dcbf4250e5099b5dede2adf3a71469569faa6776a0

  • SSDEEP

    98304:Yic1v/nG8lyVqRlMNsd4/qCKHIvW4VO5SSDntdDpbRZy:YLhI/Y4VESintdDFRo

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, and autofill data.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
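
The four behaviour signatures above are what the sandbox fires on; the script below, added here as an example and not part of the sandbox report or its tooling, replays a constructed behaviour trace against equivalent detection logic. The event shape (`op`/`proc`/`path` records), the sample path and the dropped-file names are assumptions for the example; the browser-database names, the `EnableLUA` registry value and the `System32` path are the real artefacts those signatures describe.

```python
"""Replay a constructed behaviour trace against the four signatures on this page.
Example code added to the page; the trace format and all file paths are assumed."""
import re
from typing import Iterable

SAMPLE = r"C:\Users\victim\AppData\Local\Temp\sample.exe"  # assumed location of the sample

# Constructed trace in a generic sandbox-log shape (assumption, not tria.ge's format).
TRACE = [
    {"op": "file_write", "proc": SAMPLE,
     "path": r"C:\Users\victim\AppData\Roaming\svc_update.exe"},
    {"op": "file_write", "proc": SAMPLE,
     "path": r"C:\Windows\System32\drivers\etc\hosts"},
    {"op": "process_create", "proc": SAMPLE,
     "path": r"C:\Users\victim\AppData\Roaming\svc_update.exe"},
    {"op": "registry_query", "proc": SAMPLE,
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"op": "file_read", "proc": r"C:\Users\victim\AppData\Roaming\svc_update.exe",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "file_read", "proc": SAMPLE,
     "path": r"C:\Windows\System32\kernel32.dll"},  # benign: reading, not dropping
]

# Chromium-family credential/cookie stores and Firefox profile databases.
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*"
    r"\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE)
# Values malware reads to learn whether UAC is on and how it prompts.
UAC_VALUE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"
    r"\\(EnableLUA|ConsentPromptBehaviorAdmin)$", re.IGNORECASE)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)
EXECUTABLE = re.compile(r"\.(exe|dll|scr|cpl)$", re.IGNORECASE)


def evaluate(trace: Iterable[dict]) -> dict:
    """Return {signature name: [evidence paths]} for every signature that fires.

    'Executes dropped EXE' needs two events in order: the sample writes an
    executable, then a process is created from that same path."""
    hits: dict = {}
    dropped: set = set()

    def add(sig: str, path: str) -> None:
        hits.setdefault(sig, []).append(path)

    for ev in trace:
        op, path = ev["op"], ev["path"]
        if op == "file_write":
            if EXECUTABLE.search(path):
                dropped.add(path.lower())
            if SYSTEM32.match(path):
                add("Drops file in System32 directory", path)
        elif op == "process_create" and path.lower() in dropped:
            add("Executes dropped EXE", path)
        elif op == "registry_query" and UAC_VALUE.search(path):
            add("Checks whether UAC is enabled", path)
        elif op == "file_read" and BROWSER_DATA.search(path):
            add("Reads user/profile data of web browsers", path)
    return hits


if __name__ == "__main__":
    for sig, evidence in evaluate(TRACE).items():
        print(f"{sig}:")
        for p in evidence:
            print(f"    {p}")
```

The order dependency in the dropped-EXE rule is the point worth keeping when porting this to real telemetry: a process created from a path the sample never wrote (for instance `cmd.exe` under `System32`) must not fire, which is why the benign `kernel32.dll` read and a `System32` process launch both stay silent here.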
