Analysis
- max time kernel: 99s
- max time network: 140s
- platform: windows10-2004_x64
- resource: win10v2004-20250619-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20250619-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 04/07/2025, 12:07
Static task
static1
1 signatures
General
- Target: 2025-07-04_dbb9bb618e56ec0add83abe9d221fbd9_black-basta_cobalt-strike_ryuk_satacom_vidar.exe
- Size: 2.3MB
- MD5: dbb9bb618e56ec0add83abe9d221fbd9
- SHA1: 43f05dbf0566f6b038c16fbec3059f2a27c00c53
- SHA256: b81a8b09f971d7014228bba1011996334b526b88c99fc52b13ae96288a27cc1a
- SHA512: 69b3a668dae064fd9a1091571b3036540a77e8c20ae3d7a6c4dfda6aefcf4e086da2ee316d906c0b599bbf414e1a3c22e641d9ed8df3583be80e3d928c1d813c
- SSDEEP: 49152:NkjGO6Utj36jHqwHRBw2lXP2pZ0g5SW6H8DS52tdDpbRZy:MOF1xs5SSDntdDpbRZy
Malware Config
Signatures
- Reads user/profile data of web browsers (3 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.