General
-
Target
2025-07-04_c64d627704bddedcdf2a963e5e390365_black-basta_cobalt-strike_luca-stealer_ryuk_satacom_vidar
-
Size
1.2MB
-
Sample
250704-vlrc6awwgv
-
MD5
c64d627704bddedcdf2a963e5e390365
-
SHA1
a026f8d828eeb77f9c8f56135fc39bb6d9966243
-
SHA256
754542aee754fb928e4de4bb441d67bd7cb99bab13edc91ba360ecf5a3a66092
-
SHA512
24ca41bc25de80051a6f432a572c41175a19504bfddd32208c8f606ee42050185b1e1484e59a0bfa16f815ee84bf255b10f19ec95b95c70aabf9e2fd74aaa38c
-
SSDEEP
24576:Mac2RLuQZ1MHbVbqQLJSJxFOb/IQLJSJxFOb/:J2bVmQUUbAQUUb
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-04_c64d627704bddedcdf2a963e5e390365_black-basta_cobalt-strike_luca-stealer_ryuk_satacom_vidar.exe
Resource
win10v2004-20250619-en
Malware Config
Extracted
lumma
-
build_id
7e54b1652293b4ac88021be03d3f62d85690de9778e55113df
Targets
-
Lumma family
-
Suspicious use of SetThreadContext
-