blackcat | f164972422318d0385d832bb14e6e9f3aa1cf35deb4e3d9981cb31675a347322 | Triage

Submit
Reports

Overview

overview

Static

static

3

gora (2).exe

windows7-x64

gora (2).exe

windows10-2004-x64

Analysis

max time kernel
142s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
21-07-2023 20:53

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

gora (2).exe

Resource

win7-20230712-en

blackcat ransomware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

gora (2).exe

Resource

win10v2004-20230703-en

blackcat ransomware

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

gora (2).exe
Size

12.6MB
MD5

0846ec9f85b4db6d3d7255be75d569db
SHA1

317396afd238bfd72b04a9e20b7de9cfc86d0719
SHA256

f164972422318d0385d832bb14e6e9f3aa1cf35deb4e3d9981cb31675a347322
SHA512

54e4c77e96ab49a1d62a825f900791551431a52a77a0f7d91a7e5c6e5a6821ea5e1ceddf0b6c025a64a3132bcd34c5335016ccda28f9d27d20eb3cdc30665439
SSDEEP

196608:eh1fzuraAnjocGL88gD8aD2mnWDNZ6pUk7ul9pt+lpUIvzifr:y62Anjo1dgvDLmWztLifr

Score

10^/10

blackcat ransomware

Malware Config

Signatures

BlackCat
A Rust-based ransomware sold as RaaS first seen in late 2021.
ransomware blackcat

Processes

C:\Users\Admin\AppData\Local\Temp\gora (2).exe
"C:\Users\Admin\AppData\Local\Temp\gora (2).exe"
1⤵
PID:824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/824-133-0x0000000000960000-0x00000000015F3000-memory.dmp

Filesize
12.6MB

Download

© 2018-2024

Terms | Privacy