General
-
Target
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
-
Size
563KB
-
Sample
220426-y4d3bsaadq
-
MD5
3f400f30415941348af21d515a2fc6a3
-
SHA1
bd0bf9c987288ca434221d7d81c54a47e913600a
-
SHA256
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
-
SHA512
0d4c3ee8807bbbf635ce2d1ce1b747c23cc2724ff999580169e5514c7c97109083bea169bd6a5f8be35f3b679bb8446839fcc7a38f78503658eda306bec69154
-
SSDEEP
12288:TFx0B/O7JxPzW9JPlHKtxYRkG7zLfpXE6SbJ:Rx7zW9JPlGskG1v
Static task
static1
Behavioral task
behavioral1
Sample
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
-
Size
563KB
-
MD5
3f400f30415941348af21d515a2fc6a3
-
SHA1
bd0bf9c987288ca434221d7d81c54a47e913600a
-
SHA256
5d2204f3a20e163120f52a2e3595db19890050b2faa96c6cba6b094b0a52b0aa
-
SHA512
0d4c3ee8807bbbf635ce2d1ce1b747c23cc2724ff999580169e5514c7c97109083bea169bd6a5f8be35f3b679bb8446839fcc7a38f78503658eda306bec69154
-
SSDEEP
12288:TFx0B/O7JxPzW9JPlHKtxYRkG7zLfpXE6SbJ:Rx7zW9JPlGskG1v
Score10/10-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Modifies boot configuration data using bcdedit
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Sets desktop wallpaper using registry
-