General
-
Target
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a.bin
-
Size
543KB
-
Sample
220427-2g3nysegfq
-
MD5
998022b70d83c6de68e5bdf94e0f8d71
-
SHA1
b87a947f3e85701fcdadd733e9b055a65a3b1308
-
SHA256
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a
-
SHA512
2744b77f951bd2bb34b094dd3b54fcf8f7dca76e03c745809edc045749c814c7d88c9ddd69ad684a1c156716afae76b5ebec3f932d0f2a72b242878134f65647
-
SSDEEP
12288:M1DTMHixr1moQqUiXINDl/m1s6BQio67VlA:AzmoQqUiXw2s6yiVx
Malware Config
Extracted
C:\readme.txt
https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion:80/
Targets
-
-
Target
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a.bin
-
Size
543KB
-
MD5
998022b70d83c6de68e5bdf94e0f8d71
-
SHA1
b87a947f3e85701fcdadd733e9b055a65a3b1308
-
SHA256
7883f01096db9bcf090c2317749b6873036c27ba92451b212b8645770e1f0b8a
-
SHA512
2744b77f951bd2bb34b094dd3b54fcf8f7dca76e03c745809edc045749c814c7d88c9ddd69ad684a1c156716afae76b5ebec3f932d0f2a72b242878134f65647
-
SSDEEP
12288:M1DTMHixr1moQqUiXINDl/m1s6BQio67VlA:AzmoQqUiXw2s6yiVx
Score10/10-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Sets desktop wallpaper using registry
-