General
-
Target
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc.zip.zip
-
Size
267KB
-
Sample
221009-vppnqshdhl
-
MD5
865ceeaf1d699ed5b952c6cd35d7885b
-
SHA1
d1e0bee4c98b6538b13347398c3fe697fd4891fe
-
SHA256
b3c8d67c5707217693c7659d3887e5582ecf11b097c31217b19b4d3e40ebe025
-
SHA512
3ac55014d265ddbe994ada446319a14137c24890f517fc1b56a25097f256e0390ac9bdfd7bc85a74cd1028ef06b629c739bea5d73d28a3c508a6e41c6795b282
-
SSDEEP
6144:sGoJn8e82Rorn8A5gRHC2HmtEffq2NDDa7jhkn/b4yJ4ZpzFT5RpV8f:mT8b55EgMPN/a79s/0hzV5f+
Static task
static1
Behavioral task
behavioral1
Sample
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
C:\MSOCache\readme.txt
https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/
Targets
-
Target
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc.exe
-
Size
542KB
-
MD5
c115bbbdb1a61f8c553d74802bfd78fb
-
SHA1
1f439569e3c1c14ea9f02235f8f45c49e2764160
-
SHA256
9a55f55886285eef7ffabdd55c0232d1458175b1d868c03d3e304ce7d98980bc
-
SHA512
6ad701415ce5e1f94144a979f7e347499ecd80e4de4705dbe9570ad53a90b58034ea98f2ec9d257a330ec47ffeacdbd420f581ad8a4d76b0c7ad4bb198b1ab84
-
SSDEEP
12288:trkm8R9qXgmj3d7khtgfpedbKbiTuDZWhswtik5j2w+f:2Ujt7+twpedbKb1dWhse9K
Score
10/10
-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Sets desktop wallpaper using registry
-