b9c82bf9aef37bf0ed1c19e3ef9b19f601e714ce4f67cf2314fa29c3ddfcb451 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2025-05-11_b01b4fe01002efaa76da11491be3d842_black-basta_cobalt-strike_satacom
Size

18.3MB
Sample

250511-ftdppsfn3s
MD5

b01b4fe01002efaa76da11491be3d842
SHA1

124136848e3f18975e606776a43de2e5f48dc04a
SHA256

b9c82bf9aef37bf0ed1c19e3ef9b19f601e714ce4f67cf2314fa29c3ddfcb451
SHA512

4ad163a7c9fd3d508d9f8ad6abe74faeab935dca153f87456cd2f436a1d4dbd88b9689e02d3145d272d5c8215efe0cf135cd511dae2178c259a0a6d5f46ada48
SSDEEP

393216:c3BfZaKBsRvKCYcCuyW8ZluC0X2MICWAq4tSn4xnJ:c3vaKCSW8+CA2Ty44xn

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  2025-05-11_b01b4fe01002efaa76da11491be3d842_black-basta_cobalt-strike_satacom
- Size
  
  18.3MB
- MD5
  
  b01b4fe01002efaa76da11491be3d842
- SHA1
  
  124136848e3f18975e606776a43de2e5f48dc04a
- SHA256
  
  b9c82bf9aef37bf0ed1c19e3ef9b19f601e714ce4f67cf2314fa29c3ddfcb451
- SHA512
  
  4ad163a7c9fd3d508d9f8ad6abe74faeab935dca153f87456cd2f436a1d4dbd88b9689e02d3145d272d5c8215efe0cf135cd511dae2178c259a0a6d5f46ada48
- SSDEEP
  
  393216:c3BfZaKBsRvKCYcCuyW8ZluC0X2MICWAq4tSn4xnJ:c3vaKCSW8+CA2Ty44xn
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

	
		OSZAR »