General
-
Target
b648b7305df49492c44a1280ec2228a0N.exe
-
Size
885KB
-
Sample
240816-qzgcwsxela
-
MD5
b648b7305df49492c44a1280ec2228a0
-
SHA1
ce77bd3224f47ae4b8a04bd4b4be91c3550de294
-
SHA256
d73f6e240766ddd6c3c16eff8db50794ab8ab95c6a616d4ab2bc96780f13464d
-
SHA512
2b2bb13bedbce537f28cd58e23e54ace05f717ac1e4e3e4672768a4604e99ce9f35ee377ecd0677713729d066a1f730050d968f4a8dc3cb3cf6f5aaf86cd9737
-
SSDEEP
24576:pIr/f/LUup7zmMl8tOKnvwYQ62jaeekMEoBmn6o:pMUS2Ml8trnvwYQ62japkMEQS6o
Static task
static1
Behavioral task
behavioral1
Sample
b648b7305df49492c44a1280ec2228a0N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b648b7305df49492c44a1280ec2228a0N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
C:\Program Files\instructions_read_me.txt
blackbasta
https://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion/
Targets
-
-
Target
b648b7305df49492c44a1280ec2228a0N.exe
-
Size
885KB
-
MD5
b648b7305df49492c44a1280ec2228a0
-
SHA1
ce77bd3224f47ae4b8a04bd4b4be91c3550de294
-
SHA256
d73f6e240766ddd6c3c16eff8db50794ab8ab95c6a616d4ab2bc96780f13464d
-
SHA512
2b2bb13bedbce537f28cd58e23e54ace05f717ac1e4e3e4672768a4604e99ce9f35ee377ecd0677713729d066a1f730050d968f4a8dc3cb3cf6f5aaf86cd9737
-
SSDEEP
24576:pIr/f/LUup7zmMl8tOKnvwYQ62jaeekMEoBmn6o:pMUS2Ml8trnvwYQ62japkMEQS6o
-
Black Basta
A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Loads dropped DLL
-
Adds Run key to start application
-