Windows
https://www.kroll.com/en/insights/publications/cyber/black-basta-technical-analysis Initial access is often acquired via malicious links in spearphishing emails. Common tools used by Black Basta are Qakbot, SystemBC, Mimikatz, CobaltStrike and Rclone. https://attack.mitre.org/software/S0650/ https://malpedia.caad.fkie.fraunhofer.de/details/win.systembc https://attack.mitre.org/software/S0002/ https://attack.mitre.org/software/S0154/ https://attack.mitre.org/software/S1040/