blackcat

General

Target

2024-06-20_c6901bc6720e1e30c6c2e89aae874a90_blackcat
Size

2.9MB
Sample

240620-ql47sszcjg
MD5

c6901bc6720e1e30c6c2e89aae874a90
SHA1

783b2b053ef0345710cd2487e5184f29116e367c
SHA256

13828b390d5f58b002e808c2c4f02fdd920e236cc8015480fa33b6c1a9300e31
SHA512

64647585b838fa91c545219350b58609f90fa4817bd8848e4af0b71c98e6d340dc011abe405ce6f044cb5a99acfacdc8bd212ea7289b002ab8285aa42e9008fb
SSDEEP

49152:4dwE1vCCeShiBHJFIPiEPE3bvk6Ca89388YhwjfJNu/RgaJ2wtb:WwE1253IPiYE3bnCa8HzjOvwwtb

Score

10^/10

Family

blackcat

Credentials

Attributes

enable_network_discovery
true
enable_self_propagation
true
enable_set_wallpaper
true
extension
mfqssdj
note_file_name
RECOVER-${EXTENSION}-FILES.txt
note_full_text
>> What happened? Important files on your network was ENCRYPTED and now they have "${EXTENSION}" extension. In order to recover your files you need to follow instructions below. >> Sensitive Data Sensitive data on your system was DOWNLOADED. If you DON'T WANT your sensitive data to be PUBLISHED you have to act quickly. Data includes: - Employees personal data, CVs, DL, SSN. - Complete network map including credentials for local and remote services. - Private financial information including: clients data, bills, budgets, annual reports, bank statements. - Manufacturing documents including: datagrams, schemas, drawings in solidworks format. - Source code. -And more... >> CAUTION DO NOT MODIFY ENCRYPTED FILES YOURSELF. DO NOT USE THIRD PARTY SOFTWARE TO RESTORE YOUR DATA. YOU MAY DAMAGE YOUR FILES, IT WILL RESULT IN PERMANENT DATA LOSS. >> What should I do next? Follow these simple steps to get everything back to normal: 1) Download and install Tor Browser from: https://torproject.org/ 2) Navigate to: http://b4twqa2mvob3s6uvuyfra5xk3qgps2v5kkt7k2qnb7rpdu3j4fkntead.onion/?access-key=${ACCESS_KEY}

rsa_pubkey.plain