Extracted

• • Target

    3d8713641264c41cd6784c5569c1447299fba88633070e40e70bb3ae2b4c5a4e.exe

  • Size

    928KB

  • MD5

    2dc4adf06247b4ed9031a53ef910626c

  • SHA1

    789437e946b3e8d1ccd14ee70e42c7d89ba054b2

  • SHA256

    3d8713641264c41cd6784c5569c1447299fba88633070e40e70bb3ae2b4c5a4e

  • SHA512

    9e6eaa4b27e2d6bc1306c33e74465256fab086972680d3a0014cafca8f22bbf865ffaa0f81332ffef83287252faf2ca0c7f369d11412b19ffb57e8e72ea5e0ae

  • SSDEEP

    24576:oUY29aeV/XqzB+qv6w8zJx/W2nz9dPOmX:oUYMPqzFvT8/W2nznP

  Score

  10^/10

  blackbastadefense_evasiondiscoveryexecutionimpactransomware

  • Black Basta

    A ransomware family targeting Windows and Linux ESXi first seen in February 2022.

    ransomwareblackbasta

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Renames multiple (6702) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Drops desktop.ini file(s)

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2