blackbasta | 09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25

General

Target

09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25
Size

454KB
Sample

221203-hj7adagd7v
MD5

848c0e307336503fda4fd86bb89cc4fd
SHA1

92d43641583917e1f0dbb47569a0a4364f44d41d
SHA256

09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25
SHA512

f9c38f0627ad6250e45d08bbd65a5e58409aa26038409331f7b67a2bc40f0833554185202aa341f7ef8ca32bac88aa815d41cfbfe2071750ff77301feec299ed
SSDEEP

12288:rMiWg4KiCCBfILnvJ8KHJj8Zp3pWF/kP8P:AiWg4jCJbve0A3EJdP

Score

10^/10

blackbasta ransomware

Malware Config

Extracted

Path

C:\MSOCache\readme.txt

Ransom Note

Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom You can contact us and decrypt one file for free on this TOR site (you should download and install TOR browser first https://torproject.org) https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/ Your company id for log in: aa6b49d0-713d-46fb-b7ac-fb5605e2ac0a

URLs

https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/

Targets

- Target
  
  09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25
- Size
  
  454KB
- MD5
  
  848c0e307336503fda4fd86bb89cc4fd
- SHA1
  
  92d43641583917e1f0dbb47569a0a4364f44d41d
- SHA256
  
  09bc7247b50a166996b667b9a6e696cfbafa203ffcbec46ad0cca27deacd5c25
- SHA512
  
  f9c38f0627ad6250e45d08bbd65a5e58409aa26038409331f7b67a2bc40f0833554185202aa341f7ef8ca32bac88aa815d41cfbfe2071750ff77301feec299ed
- SSDEEP
  
  12288:rMiWg4KiCCBfILnvJ8KHJj8Zp3pWF/kP8P:AiWg4jCJbve0A3EJdP
Score

10^/10

blackbasta ransomware
- Black Basta
  A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
  ransomware blackbasta
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2