General

  • Target

    BlackSun.ps1

  • Size

    56KB

  • Sample

    210921-nbjf8shce9

  • MD5

    3ebab71cb71ca5c475202f401de008c8

  • SHA1

    e0afcf804394abd43ad4723a0feb147f10e589cd

  • SHA256

    e5429f2e44990b3d4e249c566fbf19741e671c0e40b809f87248d9ec9114bef9

  • SHA512

    0f748020d922ae0ace575267cbbaf80c2818e37a20f3556f4192c896b5c4c5eb270b1e6e88562bad74771bfef81a3ce1ebfab7ac571ba459976bf7b2bd2fdfa6

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\BlackSun_README.txt

Ransom Note
*** BlackSun PROJECT ***

All your data has been encrypted. Documents, photos, databases, backups.

HOW CAN I GET MY DATA BACK?
Your data is not destroyed. your data are however encrypted with SSL encryption, the only way to decrypt them is to have the decryption code and software. don't try to decrypt the files by yourself, you will damage them and make the recovery impossible.

HOW CAN I GET THE DECRYPTION SOFTWARE?
To get the software you will have to pay a certain amount of money. (10.000 euro in Monero Cryptocurrency) You need to contact us at this email: [email protected] and we will tell you how to pay. You have 10 days starting from now.

Targets

    • Target

      BlackSun.ps1

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
