blackbasta | 81515e1c72fadae2c4bb15883e0c1d8979b49fd52d8c65ca03e05a75ca6683c9

General

Target

81515e1c72fadae2c4bb15883e0c1d8979b49fd52d8c65ca03e05a75ca6683c9
Size

454KB
Sample

221203-g46nxabg62
MD5

30e360b69234e2f71a80a301ed582400
SHA1

318d227272b198311ef9eb8e6721237c0f90fcd2
SHA256

81515e1c72fadae2c4bb15883e0c1d8979b49fd52d8c65ca03e05a75ca6683c9
SHA512

c5faea951492771eb9847536c03e0287e20d89f3c691861de78ae897ef2aed1c81fe4a4ab80ee49e9c46df516aa99babdae96aedecf94f0ada84681631048e40
SSDEEP

6144:+ZyHOgf1NEoVAtlu8PN8yOqbXaDlnNahH7g5llqocky89guv7J/hSNcPMK7Codus:+vIgtlu8Pcail6bg53LRvuNcVG+GK

Score

10^/10

blackbasta ransomware

Malware Config

Extracted

Path

C:\MSOCache\readme.txt

Ransom Note

Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom You can contact us and decrypt one file for free on this TOR site (you should download and install TOR browser first https://torproject.org) https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/ Your company id for log in: aa6b49d0-713d-46fb-b7ac-fb5605e2ac0a

URLs

https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/

Targets

- Target
  
  81515e1c72fadae2c4bb15883e0c1d8979b49fd52d8c65ca03e05a75ca6683c9
- Size
  
  454KB
- MD5
  
  30e360b69234e2f71a80a301ed582400
- SHA1
  
  318d227272b198311ef9eb8e6721237c0f90fcd2
- SHA256
  
  81515e1c72fadae2c4bb15883e0c1d8979b49fd52d8c65ca03e05a75ca6683c9
- SHA512
  
  c5faea951492771eb9847536c03e0287e20d89f3c691861de78ae897ef2aed1c81fe4a4ab80ee49e9c46df516aa99babdae96aedecf94f0ada84681631048e40
- SSDEEP
  
  6144:+ZyHOgf1NEoVAtlu8PN8yOqbXaDlnNahH7g5llqocky89guv7J/hSNcPMK7Codus:+vIgtlu8Pcail6bg53LRvuNcVG+GK
Score

10^/10

blackbasta ransomware
- Black Basta
  A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
  ransomware blackbasta
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2